Getting rid of SPAM

Can I tell you how much time it takes me to purge all the SPAM messages that pile up in this weblog every day? It is insidious. There have been times when literally hundreds of comments have been submitted to my posts and suddenly appeared all over my weblog.
Luckily, I use a MT-Blacklist to filter out a lot of the junk (there are over 1,500 URL’s that are blacklisted). I cannot imagine what this weblog would look like without it. Well, I simply couldn稚 use Movable Type. The SPAMers keep pumping out new URL’s advertising everything from porn, to Texas-hold-em gambling, to “male-enhancement” drugs.
SPAM is evil, just plain evil.

3 thoughts on “Getting rid of SPAM

  1. It’s the dark side of MT. Soon after I converted my blog from Blogger back to MT, the spam comments took over. I eventually switched to HaloScan (haloscan.com) Their free commenting system is great, and a measly $12 gives you customizable templates and enhanced editing options.
    Importing the comments from MT is fairly simple, following teh Haloscan instructions for migrating from MT. However, there’s an omission in their instructions which didn’t stop the MT spam. Although my MT comment spam didn’t show on the site,, when I’d log in, I could see dozens of comments had been somehow been wedged into my site.
    Here’s the solution:
    1. Set up a Haloscan account.
    2. Modify the templates for the Main Index, Individual Entry, Date-Based Archive and any other archive templates you’re using. HaloScan gives you
    A) snippet of code to put into the HEAD section of each of those, and
    B)another snippet to replace the text between the MTEntryIfAllowComments tags, in the BODY section, at the end of the post. THAT IS A MISTAKE. What you should do is completely REPLACE the MTEntryIfAllowComments tags AND everything in between them with the Haloscan snippet. (We don’t want to reference anything but HaloScan now, except for the actual MT post.)
    3. There’s another Haloscan code snippet to replace the MTEntryIfAllowPings tags and everything in between them. The only reference to MT in the Comment snippet and the Trackback snippet should be the $MTEntryID$ tags.
    We’re not done yet, the bastards can still cram stuff in your site–but these next steps will fix that.
    4. In your Weblog Configuation, on the Preferences tab, turn Allow Comments Default to NONE, and Allow Pings by Default to UNchecked.
    This fixes it for new posts, but believe it or not, they can still get in on the old posts. One more thing to do.
    5. Go to rayners.org/2003/12/closing_comments_on_old_entries.php
    Download mt-close.zip and open mt-close.cgi.
    Do a Find and Replace to change the number “5” in the script to “1” (I think it occurs twice, and it’s hard to spot without using Replace.) This means that MT ain’t acceptin’ no comments for anything older than today, and the configuration changes you made prevent MT from accepting comments to today’s posts.
    Upload mt-close.cgi to your cgi-bin.
    That does it. All your old comments are preserved, and no comment spam on old posts or new posts, seen or unseen. There may be a simpler method, just deleting mt-comments.cgi from your cgi-bin, might save you steps 4 and 5, but it felt drastic. I didn’t try it so I can’t vouch for it.
    Hang it there, Rovertum!

  2. Thanks for the information, John. I have debated going back to Blogger.com, but they do not have a way as of yet to transfer from a different system into theirs. MoveableType is fine, it is just those pesky SPAM messages. I saw a blog using another system that required the person posting a comment to type in a skewed series of letters and numbers (you’ve seen that kind of thing, I assume). That might be a way of circumventing the SPAMers, even though it becomes more of a hassle to post comments.
    I’ll look into Rovertus.
    Bob

Leave a Reply