Over the course of the past several months, I have been inundated with comment spam. Fortunately, Akismet catches most of it. It still sucks to see anywhere from 2 to 700 comments in the spam queue every time I log in. So, I set out to find a more forceful solution.
One thing I discovered was that most of the spam comments were coming from the following IP range: 194.8.74.0/23.
Some basic whois research shows some interesting information about the owner of that range of IP addresses [edited here for brevity]:
organisation: ORG-DRAG1-RIPE
org-name: Dragonara Alliance Ltd
org-type: OTHER
address: Geneva Place, Waterfront Drive, P. O. Box 3469, Road Town, Tortola, British Virgin Islands
mnt-ref: DRAGONARA-MNT
mnt-by: DRAGONARA-MNT
source: RIPE # Filtered
I looked at their website, and they are a web hosting company, it seems. So, I have no way of knowing if they themselves are behind it or if it is one of their customers.
Anyways, I decided that keeping my site free of spam was more important to me than letting them read my blog, and added the following line to the beginning of my iptables configuration:
/sbin/iptables -A INPUT -s 194.8.74.0/23 -j DROP
This in effect drops all packets originating from that range of IPs. That keeps them from spamming or otherwise accessing this server.
Much to my delight, after making that configuration change, nearly all of the spam has stopped. What few spam comments do come in are now dealt with on a case-by-case basis. I did have to block an additional range of IPs recently. Once again I had to weigh the benefits (reduced spam) against the potential downsides (innocent users in that range might not be able to access the site).
/sbin/iptables -A INPUT -s 195.154.0.0/16 -j DROP
A few key points to consider:
- Don’t even think about just copying and pasting those lines. If you do decide to use iptables to block spammers, use the IP addresses of the ones who are spamming you. They may be different.
- This works on Linux servers that have iptables installed and that you have root access to. This will not work with shared hosting!
- Once you put this type of solution into place, those IP addresses will have no access at all to your server, and will not even be able to read posts or get error pages or anything. This may or may not be what you want.
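- This will not help if the spammers are using a proxy (as many do).
- You need to put the relevant lines at the top of your iptables configuration. iptables evaluates rules in order and -A appends to the end of the chain, so a DROP rule that comes after a rule already accepting the traffic never takes effect. Many people recommend making a short shell script to configure iptables that has all of your rules in it. I personally like this method.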
Of course, these techniques may or may not work for you. Please read any applicable documentation before messing with any kind of firewall, or you might lock yourself out of your server.
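The warnings above about using your own ranges and about locking yourself out can be checked before any rule is loaded. The sh script below is an added example, not the author's own: it validates each range, refuses one that contains the address you administer the server from, and only then prints the DROP lines in the form used above. The function names and the 203.0.113.10 admin address are assumptions made for illustration.

```sh
#!/bin/sh
# Added example, not the author's script. It only prints iptables lines for
# review; nothing here touches the firewall.

# ip_to_int A.B.C.D: 32-bit integer on stdout; non-zero status if malformed.
ip_to_int() {
    case "$1" in *[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        case "$o" in 0?*|????*) return 1 ;; esac   # no leading zeros, max 3 digits
        [ "$o" -le 255 ] || return 1
    done
    echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
}

# in_cidr ADDR CIDR: status 0 if ADDR is inside CIDR, 1 if not, 2 if malformed.
in_cidr() {
    addr=$(ip_to_int "$1") || return 2
    net=$(ip_to_int "${2%/*}") || return 2
    bits=${2#*/}
    case "$bits" in ''|*[!0-9]*|???*) return 2 ;; esac
    [ "$bits" -le 32 ] || return 2
    mask=$(( (4294967295 << (32 - bits)) & 4294967295 ))
    [ $(( addr & mask )) -eq $(( net & mask )) ]
}

# emit_block_rules ADMIN_IP CIDR...: print one DROP line per range, in the
# post's own form, unless a range is malformed or would lock out ADMIN_IP.
emit_block_rules() {
    admin=$1; shift
    for range in "$@"; do
        rc=0; in_cidr "$admin" "$range" || rc=$?
        case $rc in
            0) echo "refusing $range: it contains admin address $admin" >&2; return 1 ;;
            2) echo "malformed address or range: $range" >&2; return 1 ;;
        esac
    done
    for range in "$@"; do
        echo "/sbin/iptables -A INPUT -s $range -j DROP"
    done
}

# Constructed sample run: the post's two ranges, with an RFC 5737 documentation
# address standing in for the address you administer the server from.
emit_block_rules 203.0.113.10 194.8.74.0/23 195.154.0.0/16
```

The printed lines go at the top of the iptables script, ahead of any ACCEPT rules, as described in the list above.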
