Comments on: War of the short URL worlds

By: Rino

Rino — Tue, 12 Jun 2007 18:51:29 +0000

It’s just hard to keep spammers way from our sites.

By: Steve

Steve — Tue, 19 Dec 2006 19:16:23 +0000

I invite them to try to use our service for spam, the filters will catch them, and if they dont, it gives us all the more reasons to make them even more intelligent. The key to avoiding not all but most spam when running a service like this is not allowing redirects, not allowing anything except the HTTP 200 code, and spidering the page for stop words. url-z.com has accomplished this.

By: David Berlind, here is the dark side to URL shortening services » Make You Go Hmm

Sun, 03 Dec 2006 17:30:33 +0000

[…] Running one of these short URL services — and keeping it clean — requires even more aggressive filtering and monitoring than checking your email box. I lamented these challenges trying to keep these services spammer free back in a post here July called War of the Short URL Worlds. The activity had gotten progressively worse as spammers tried to hide their activities behind the short URL service which culminated in that post. For awhile I was getting daily emails alerting me that my short URL service was being used for spamming. Fortunately with the changes made over the past few months it has improved slightly. I also had to ban uses of other shorten URL services like TinyURL which were being used as multiple level spam redirection. Sound like fun? […]

By: big j

big j — Wed, 12 Jul 2006 04:12:11 +0000

You may want to try an approach similiar to gostubby.com they are excellent at fighting spam.

Urls that redirect are not allowed.
Urls containing common spam words are not allowed. etc…

There are plenty of ways to code this, but they seem to be pushing the bar when it comes to fighting spam with URL forwarding

By: TDavid

TDavid — Wed, 14 Jun 2006 00:38:41 +0000

No Kevin, hadn’t even heard of it until you shared. Thanks, will check it out.

By: Kevin

Kevin — Wed, 14 Jun 2006 00:30:43 +0000

Actually, that link doesn’t work without the www.

http://www.surbl.org/

An Open Letter To Operators Of Redirection Sites

http://www.surbl.org/redirect.html

By: Kevin

Kevin — Wed, 14 Jun 2006 00:16:35 +0000

Have you implemented SURBL?

By: darkmoon

darkmoon — Tue, 13 Jun 2006 21:16:08 +0000

Actually now that I think about it… this goes back to my ideas during my college years in specializing in embedded wireless networking and security. I think that ultimately, the best way to detect is at the router itself. If you ran a distributed network of routers that all talked with one another and compared the traffic patterns, then you could definitely catch on to the scripted spamming. No matter how sophisticated the spamming technology is driven, there is no way to truly randomize traffic. Since the Tier 1 routers route pretty much all of the traffic, they would have the largest “data pool” to analyze from and eventually detect even the most minute of patterns for spam headers.

I know I know, I’m starting to sound like the government with their terrorist detection methodologies, but it’s not terribly different. I just find that if you apply a mathematical model to human beings, it doesn’t quite work the same way as pattern detection with e-mail. Along with this, combine it with current known IPs or compromised spam originations and you could have yourself a pretty powerful anti-spam bottleneck.

Well, I can dream at least. :p

By: darkmoon

darkmoon — Tue, 13 Jun 2006 21:10:20 +0000

If you ask me, if you can detect waves of spam coming (like I do with my blog server), then I don’t see how Tier 1 routers couldn’t also detect traffic like that from traffic analysis. If I had anything to do with it, I’d turn off every single compromised IP address until the issue was fixed and the owner of that computer was taught how to use the device correctly.

Unfortunately, Tier 1 along with even Tier 2/3 ISPs don’t give one’s rat’s butt about spam. I contacted University of Minnesota’s IT department just recently about one of their computers being compromised and trackback spamming my server to hell and back. The IT staff was like: we care about spam, please send us the message with headers.

UHHH…..

Currently, I have a whole bunch of IP ranges that are blocked due to spam. Blackholed them, but doesn’t protect me from a DDOS.

If vendors like AT&T are truly “filtering” our networks anyways with net neutrality out the door, then I fully expect them to do this anyways. If they’re going to QoS things, it doesn’t take much to place a couple more rules to do some spam detection on the packets that are going though. Of course, that makes us no better than the Great Firewall of China, but obviously no one cares about that one. :p

By: TDavid

TDavid — Tue, 13 Jun 2006 20:37:29 +0000

Good conversation, darkmoon. I think it’s important to flush out the really bad spammers first. Borderline spammers need to be educated and hopefully reformed, but the really bad ones have to be the first target. I suspect borderline ones for at least the service mentioned in this tread will go away after they find their work has been ruined (the link that was supposed to earn them money now redirects to my site). Cut off the money source and it takes the fun out of things in a hurry for these guys.

That is the ones without mass scripts running. Scripts don’t care. They can run all day and night and they have no morals or ethics unless programmed by us to have them.

If these spammers are giving me their information and then use the service to spam, they are breaking the agreement and then it boils down into how we deal with that from a legal standpoint. That gets more into the part where I’d turn that information over to the attorneys and let them advise us as to how to proceed.

My problem with existing spam is that unless there is some sort of feet to the fire concern, they will just keep on doing it. I’m not sure there are enough deterrents out there with the current internet climate. It would be good to have it be a much more treacherous environment for spammers to operate on the web and thus create a greater risk proposition for them. Until the web operates that way, spammers will continue to proliferate and we’ll just keep complaining about the problem in a neverending cycle.

Here’s my concern: I setup a service and put my name on it, and then it gets used and abused with my name on it and ends up putting my name in places damaging the brand. Spammers like their anonymity. If they feel this anonymity could be breached when it’s really unnecessary (other easier, less risky targets) I think that’s a risk not as many — I didn’t say all of them — are willing to take. You are correct it wouldn’t stop all of them, but that’s not my immediate goal thinking, I’m thinking of stopping most of them. If you can get the noise level down to a small amount, it’s manageable.

That’s the hypothesis, anyway, I’m not sure how sound this actually is in reality. One thing I do know is that things have gotten worse, not better.