Quoting Bill Kendrick ([email protected]): > I've got 72 examples from 50 IP addresses (all over the board). > I assume it's people with some kind of virus/trojan.
It's automated comment spam. The script that generates it puts gibberish into fields it thinks are likely to be fields for fullname, and such, and a plausible string in what it thinks is an e-mail address field, but then puts a fatuous comment like "Nice site!" and then a spamvertised URL into whatever it thinks is a comment field. If you get tired of cleaning up after it, require that posters correctly answer a simple question of your devising, e.g., "What's Jimmy Carter's first name?", and then discard any submissions that don't include a correct answer. Odds are, you'd never even have to update it to ask, e.g., "What's Billy Carter's surname?", because hardly anyone running a comment-spam script ever bothers to customise it for any one site. They just blitz everything findable that looks like a Web form, and make up any losses in volume. > User agents are all over the board, too. And faked. > So (1) it's distributed, (2) it's cross-browser and somewhat > cross-platform (or apparently so). Rule #1: Spammer lie. Rule #2: Spammers are stupid. (However, more often than not they're using blackbox toolkits written by tolerably competent people.) It's probably neither cross-platform nor cross-browser. (See Rule #1.) Trying to hit that gibberish with a regex is going to be a losing battle. Try a different tactic. _______________________________________________ vox-tech mailing list [email protected] http://lists.lugod.org/mailman/listinfo/vox-tech
