Guestbook spam

From Spamhuntress

Jump to: navigation, search

This is a page for summarizing everything we know about Guestbook spam in general.

The spammers

Guestbook spam was probably the first type of link spam, and Matt's guestbook script the first targeted guestbook. By now, many of the spammers will spam anything on the web that's interactive, including guestbooks.

The point

The point is to get better rankings in the search engines. That's done by inserting links and anchor text with lots of keywords in them. The spam is not meant for human eyeballs and clicks. Which is why abandoned or hard to clean guestbooks is favored.

Fixes

Please add your own ideas here.

  • Use a moderated guestbook. Where you have to manually approve each post.
  • Guestbook software providers need to include rel="nofollow". Both for the URL field, and for hyperlinked URL's in the body of comments, however they're implemented.
  • Captcha. Explanation: An image with letters or numbers. You have to write what you see into a field, or the comment won't be posted.
  • Block posts containing links, or create your own system of allowing links via a custom keyphrase or tag.
  • Block posts containing spam keywords (very often names of prescription drugs: "phentermine" and "viagra" appear to be the most common)
  • Dreambook are fairly good at removing spam centrally. They also offer moderated guestbooks.
  • For Advanced Guestbook: Carbonize has a custom field that needs to be included in the form. And he now has a spinoff that's even more spam proof.
  • For Advanced Users: Many hosting companies set up free guestbook functionality using Matt Wright's Guestbook package. Sites are regularly scanned for "guestbook.pl" (the name of MW's PERL script which creates the new guestbook entries) and POSTs spam using this script because it is readily available and easy to manipulate. Creating new guestbook code, using a different (and/or differently-named) guestbook scheme are ways to slow spammers down. If you know PHP (and your webhosting company supports it), you can use it to fairly easily create a new guestbook. PHP is a simple-enough language that you can create your own filters as you see fit.
  • I have had good luck with a simple script which uses grep(1) and a list of known spam terms. I run it once every couple of hours against the directory containing my guestbook entries (which appear as separate files) and shunt suspicious ones off to a "spam" directory. Works for Me!
  • If you write your own guestbook software, make it that common spam terms like don't get accepted in the first place.
  • If you write your own guestbook software, watch the IP addresses that spam your guestbook. If they are always the same IPs, then block them.
  • If you write your own guestbook software, block repetitive posting (i.e. several entries within the same 10 seconds), or disallow fast posting (a new entry within 5 seconds after the guestbook page has been loaded; no real human is that fast).

Do you have other ideas? Please add them to this page!

Retrieved from "http://spamhuntress.com/w/index.php/Guestbook_spam"
Personal tools