I was just checking out Mailinator, and I wondered: if I posted a “throw-away” email address here, how fast would the spam start rolling in? Well, there’s only one way to find out!
M8R-3cqng3@mailin8r.com
Once this post has been online for a while, I’ll post the number of spams I’ve received at that address.
For those unfamiliar with Mailinator, it’s a slightly odd email service. There is no registration or password required (or even permitted!), so don’t use this for anything where even a hint of privacy is desired. Most people use this for disposable email addresses, e.g. for sites that require registration. See the Mailinator FAQ for more information.
Due to spam-pollution I have had to increase my defenses here. Unfortunately, this means that humans (cf spammers, i.e. sub-humans) wishing to comment here now have to answer a simple challenge in order to post. Not a big deal for the occasional comment, but regulars may want to know that there is a way around this–Register for this blog and you will be able to bypass the challenge. This assumes that you have cookies enabled, and you only use one computer. If you use multiple computers, you will need to log in the first time you use a different computer.
I’m really sorry about this. I wish there was another way to handle it, but this was the only solution I could come up with.
Over the last few days, I’ve noticed a few spam comments slipping by SpamKarma2. At least a few of the bastards seem to have figured out a way around the javascript payload test. These have all been direct comments, not trackbacks or pingbacks. SK2 still works pretty well, as it’s catching about 20+ spams for each one it allows through, so I’m thinking about supplementing SK2 with WP-Gatekeeper.
I had some trouble with Gatekeeper earlier, but I think it was primarily due to the fact that I have multiple themes on my blog. (I also saw a note in the Gatekeeper changelog about a bug that blocked trackbacks and/or pingbacks in the version I was using.) I’ve upgraded Gatekeeper to RC4, and I’m going to disable the theme switcher (and my other themes). Then I’ve got to hard-code a call to Gatekeeper’s challenge routine in my comment form(s).
Sounds like a job for this weekend, since it’ll probably take a few hours to get all this done. God, I hope that You have a special circle of Hell set aside for spammers!
Well, it finally happened–SpamKarma2 finally let a piece of spam slip into my comments. I installed SK2 about 4.5 months ago, and it’s caught 268 spams out of 269 attempts (99.63% accuracy). It hasn’t yet mischaracterized a “real” comment as spam.
The comment which finally got through had a very short, grammatically correct phrase. It had a valid javascript payload, and the encrypted payload was valid. The spam had an author URL which pointed to a domain that was for sale.
This morning I read an interesting post on acetylene.net wherein he describes putting his Gmail account on the sacrificial alter of the spam demons by clicking the “unsubscribe” link in every spam he received. Surprisingly, this worked! From the numbers published, it looks like his spam harvest has dropped by about 97%. Quite an accomplishment, if it continues to hold.
But the article got me thinking–wouldn’t it be awesome if there was a list of ethical spammers, i.e. ones which provided “unsubscribe” links which actually did what they purport? I have in mind something like an inverse RBL, perhaps a “realtime white list” or something similar. I don’t know how such a system might work, or even if it’s possible. But wouldn’t it be cool if your spam filter could automagically follow Unsubscribe links if they appeared on the RWL?
I read a post today on Nicholas’ blog which indicated that he was having trouble commenting on my site. I’ve had other commenting problems (1, 2) in the past which have been traced to my spam-blocker, WP-Gatekeeper. I haven’t spent any effort on the current problem, I’m just assuming that gatekeeper is at fault, so I disabled this plugin and installed Spam Karma 2 since Nicholas seems to be getting good results with it. I’m not sure what Joseph is using nowadays, but gatekeeper may be doing the trick for him–I found out a few days ago that he hand-rolled his crisp minimalist theme, and perhaps gatekeeper plays well with such a setup.
I’ll run with Spam Karma 2 for a while and see how it goes. I hate to think that people might have tried to post comments here, failed, and given up on this blog. I really have no idea how many people read the crap I post, but I know there are at least a few people out there with too much time on their hands. 
