Spam Through HTTP Referrer Logs 52
Max Romantschuk continues: "It took a moment to realize what was going on, but then it dawned to me, I was being spammed through my referrer logs! A quick google search on the words "referrer spam" confirmed my suspicions, this was indeed a widespread practice, and not new at all. In fact, Wired had an article on the subject dating almost a year back. It turns out the spammers aren't after blog authors, but what they are actually doing is targetting people which publish their referrer logs on their sites automatically. Fortunately, I don't.
I run a very small site, and get about 20 to 50 visits a day, and I don't publish my logs. Not exactly a likely target, am I? Clearly these spammers seem to do this in volume, and the phenomenon is bound to increase as email spamming is becomming increasingly hard. With email spam, IM spam, Windows Messaging spam (NET SEND popups) and HTTP referrer spam, how long will it take until every open technology has to be locked down? I hate to say it, but I doubt Wikis and similar systems will stay open for very long if things keep going in this direction."
Not Always Spam (Score:2, Interesting)
Personally I don't like people tracking my referrer links. Mind your own business. If you want to see who is linking you, you can do that with google. I know people disagree, since your website is your business. But I don't like being monitored that closely.
Maybe I'll set my referrer to goats.cx.
BTW, this story has been seen on Slashdot before.
Well, (Score:3, Interesting)
scanning for open proxies and similar things, using some certain scripts/whatever which annoyed the logs with falsifyed referes.
Re:The idea behind a Wiki (Score:2, Interesting)
Legality of wiki spam? (Score:3, Interesting)
links to resumes (Score:2, Interesting)
Is it the people looking for jobs, or is it some resume posting service? I get about a half-dozen of these per month.
MovableType Blogs (Score:3, Interesting)
http://echo.ashpool.org/blog/305/ [ashpool.org]
http://www.idly.org/2003/11/14/porn_sites_hiding_
http://www.jayallen.org/comment_spam/2003/11/aler
Spider them before publishing log (Score:3, Interesting)
I would think that it would easy enough to send a spider to the referrer page and search for the referred page. If you don't find it, delete it from the log. In fact, you wouldn't even need the spider because the link should be the exact page anyway.
This also becomes a means to maintain the blacklists other have mentioned.
Isn't this simple to do?
Re:MovableType Blogs (Score:4, Interesting)
As for solving the issue of false referrers, why not just modify where the referrer ends up based on whether the specified referring page actually has a link to you or not. The distributed effects of zillions of bloggers all spamming the spam site with automated HTTP requests should be enough to dissuade the spammers from continuing