No Comments for You
January 4, 2005
I hate comment spam as much as the next person (which is why you have to type in those annoying captcha things when leaving a comment), and so I was thrilled to find a Spam Assassin plugin for WordPress (which I run on several sites, just not this one).
Until I got to the bottom of the post. They check the various blackhole lists, and since I’m on Comcast (my desktop, not my site), my current dynamic IP address is listed. No big surprise—Comcast doesn’t block port 25 (at least not in all areas), and as a result, a lot of e-mail spammers live there. Going through the lookup, the blackhole list collected some e-mail spam from this IP address in June (when I had a completely different IP address, that being what “dynamic” means.)
So I’m not allowed to comment on the post. Not that I really wanted to, mind you, until I saw that, but still. Won’t I be thrilled to see this plugin become widespread?
The post also contained this little note:
Comcast is spammer friendly. 45% of last weekend’s comment spam came from the Comcast network. If you’re a Comcast customer, put pressure on them to clean up their act, or find a new ISP if they won’t. Businesses which turn a blind eye to spammers don’t deserve your money.
Which is easy enough to say, of course. I live about 23,000 feet from the local telco CO, which means my choices for internet access are Comcast, or dialup. Comcast may not deserve my money, but unless I move, they’ve got an impressively tight grasp on my cajones. Complaining to them about a loose connector on the phone pole that put me offline last summer took 10 days to get fixed, so I’m sure a complaint to them about their comment spam policies would get a real impressive amount of their attention also.
Interesting that this mentions 45% of comment spam coming from Comcast, a number I hadn’t heard before. I know Comcast is a great source of e-mail spam (since I get a staggeringly high amount of e-mail spam), something they could largely solve by blocking port 25, as many or most ISPs do these days.
I’m not sure just how they’re supposed to solve comment spam, however, other than deal with it on a reported case basis—which I’m sure they’d probably be lousy at, but I’ve not heard of any organized approaches to reporting comment spam anyway, at least not nearly like there is for e-mail spam. It’s not like most of their customers would put up with them blocking port 80 (ie: all web traffic).
I’m sorry, I’m as hard put to deal with comment spam as the next guy (I don’t like cleaning up 7,000 comments about “online poker” any more than anyone else does), but an approach that a) automates out people on dynamic addresses from substantially large ISPs while b) not providing an alternative for people snagged by the automation (force them to enter a captcha, moderate them, etc.) seems to me to be a tad bit over-dependent on the reliability of the mechanism.
(Track’d back to the source post, which also bounced. I guess he doesn’t like my horse, either)