Spamhuntress

I’ve received hundreds of spam comments from one outfit. They’re relatively easy to recognize:

*They send several hundred spam comments to the same blog
*Lots of nonsense domains with subdomains
*Just a few IP addresses used, all on Layeredtech
*The domains usually have dns servers with the same domain name
*The whois info has yahoo e-mail addresses and addresses in African sounding countries.
*They use open proxies for posting

There are some more characteristics that you can find for yourself. Basically, for now, the spam can be blocked, if you look at the logs or the database. But of course, the moment they figure it out, they’ll try and correct those, so let’s keep it quiet for now.

Once you get hit by this spammer, the best bet is to try and block them rather than cleaning your database later. Spam Karma probably zaps them, but if you’re using some other software, beware - do some .htaccess blocking sooner rather than later!

Another interesting factoid: I see several other types of spam comments with the same features. Not sure if we’re talking about the same software or the same spammer doing stuff for various parties or various spam sets.

This entry was posted on Saturday, October 14th, 2006 at 11:31 am and is filed under Comment spam. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.