So there's two issues here:
Spam - both POST calls from spambot programs, and actual people trying to get around my captcha protection, email verification, etc..
Pains in the Asses - people who I just don't want to hear from for whatever reason.
Either way, the issue is basically the same, in many ways. Not in others.
I've actually thought maybe a smart way to do it would be to do a type of email verification. The obvious method would be requiring a real person to click a link in an email every time they post a comment. I suppose I could do that concept, but only once - they click a link to verify their IP address, only once. If their IP changed, they'd have to re-confirm. For some people, this wouldn't happen that often. For others (corporate firewall users or whatever), they may have to do it regularly... which is more like standard email validation mentioned above.
Of course the weirdness there comes into play if an approved IP is picked up by a spammer.
So here's what prompted the original question - I was noticing a feature in Thunderbird that allows me to easily view the header info on an email. I was hoping that there might be something similar (of course not as in depth) for Web site browsers, beyond just IP.
Jake
Daniel Elmore wrote:
What types of spam are you getting? Bot POST calls or are these actual people?
There isn't much you can do to recognize a specific person. There's cookies but I would rely on an IP match over a cookie match. According to Jupiter Research reports, 39% of users delete cookies on a regular basis. Plus bots don't store cookies and most spammers block cookies. The main thing you have to worry about with IP records is proxies. I don't know how much work your willing to put into this but, most major ISPs that use proxies make a list of their network IP's publicly available. Combine that with a list of all public and anonymous proxy servers and you would have a pretty good list. All that list would do is flag that you should _not_ ban that user's IP (it could be used by a another user at a completely different location.) There are more issues to deal with too, such as shared broadband connections, corporate firewalls. Well, I bet you are ready to give up on the IP matching thing after hearing this. So, answer the questions above more specifically and I'll see if I can help in another way.
- Daniel
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jake McKee Sent: Wednesday, May 04, 2005 12:57 AM To: [email protected] Subject: What specific info?
All,
I've been trying to figure out some better ways to avoid comment spam on my blog. I've implemented and worked on a number of ideas in general.
from the past.But specifically looking at one particular idea for a minute - capturing user data when they submit a comment and if it matches "known" spammers Besides IP address (which we all know is questionable at best), what other "personal" information can I grab when the user submits a form?
Thanks! Jake
----------------------------------------------------------
To post, send email to [email protected]
To unsubscribe: http://www.dfwcfug.org/form_MemberUnsubscribe.cfm
To subscribe: http://www.dfwcfug.org/form_MemberRegistration.cfm
----------------------------------------------------------
To post, send email to [email protected]
To unsubscribe: http://www.dfwcfug.org/form_MemberUnsubscribe.cfm
To subscribe: http://www.dfwcfug.org/form_MemberRegistration.cfm
----------------------------------------------------------
To post, send email to [email protected]
To unsubscribe: http://www.dfwcfug.org/form_MemberUnsubscribe.cfm
To subscribe: http://www.dfwcfug.org/form_MemberRegistration.cfm
