The solution: install MT-Blacklist: http://www.jayallen.org/projects/mt-blacklist/

It does exactly what you need. Consider changing the default setting so that it doesn't rebuild after every article is de-spammed, since I've found on my site that spammers often hit 50 posts or more at once. In those cases, best to just delete each spam and then rebuild once.

So far your minesweeper seems to have got rid of the offending card players, which makes my VADE RETRO SATANAS in the Devendra thread (i think) look rather bizarre!

Joe, thanks for the tip & link (nice blog you got going too). I think we have Blacklist already installed somewhere in the Bags innards. Just need to figure out how to crank the sucker up, flip the safety off, & start blasting. Moné?

Seems that requiring registration before posting helps eliminate this problem...

Seems like whatevewr you're doing it ain't working--fresh adverts for contact lenses et al popped up just now.

What with contact lenses and dish network, it's time to get tough with these fuckers, wouldn't you say? Fucking spam, I hate it and the spineless little fuckers who do it. DEREK / JOE: get busy please

Lo siento amigos, been incommunicado since Saturday morning & wasn’t aware we’d been hit by another broadside of spam. Trying to raise Moné on the virtual horn. IP addresses of the enemy have been waved under the snarling snouts of the hounds. Shouldn’t be long now before they’re reduced to so much dog meat.

thanks Clint

Eastwood or Howard?

holy fucking spambot. Where's Superman when you need him?

It took some doing, but I finally gained access to the spam-blocking utility referred to above and have been updating the master list. If you all continue to run into spam comments, go ahead and notify me by email so I can make the necessary changes to the registry.

On top of it for now (I hope),

Joe

YEE-HAW!, the tables have finally turned & we got those jackasses in the crosshairs now! Thanks to Joe (& Al) for dusting off the munitions & bringing them to bear.

Vigilance is key.

2244 entries [in our spam-block register] and counting...

Say WHAT?

hey, what's happening at the moment?? all is full of spam and such. maybe it would make sense to think about a log-in system or something.

Yeah, it might be time.

My suggestion to Joe was to use one of the extra-security features that you see on some sites: they ask you to type in a constantly-changing password, or a letter of the alphabet, or the letters you can make out in a skewed visual image, &c.

I think something needs to be done though. It seems like every day or two the entire site is flooded with spam.

As Nate notes, there are a number of utilities / MT plug-ins available. The Blacklist is fine for what it is, but it still requires a lot of admin labor.

I've asked Mone to assist with investigating a solution. Mostly this means getting his input on installation of a given plug-in.

It might also be time for us to upgrade to a newer version of Movable Type (we're on 2.661; the Six Apart folks have just release 3.12) as well.

One thing I will say, though, is a couple times the spam has led me to an interesting article from the bagarchives. So occasionally I think 'Wow, thanks Texas Hold 'Em! Now die . . .'

it seems as if the terrorists may have won. :)

“No act of the terrorists will change our purpose, or weaken our resolve, or alter their fate.”

- Shrub II

[irony inherent in invoking the PR puffery of el presidente duly noted ;) ]

Come on, what happened to the plans for getting some extra security measures on the site? This is getting out of hand, & just cleaning up the site every day or two to remove the links to nude celebrity pics & anti-smoking pills & whatnot is not nearly enough.

also, whoever is in charge while Al's underwater (I assume Joe M.?), can you please get in touch with Mark Flaum and give him access so he can resuscitate IHM, which has been largely broken since Wednesday or so? thanks...

Yes, it's getting a bit ridiculous, isn't it? having threatened to stop posting here and returned thinking the site had been cleaned up, here we go again with Britney's t*ts, Paris Hilton's a**hole, Viagra, giant d*cks and all the rest of it. JOE, DEREK, whoever's running Bags, get the fucking site cleaned up PROPERLY and put some bloody PASSWORDS in there so that serious users can access the site and the other assholes will disappear. Yours, THOROUGHLY FED UP.

Ten-hut. Yes sirs, right away, sirs. What’s with the autocratic ordering about? As far as I know Joe and Moné are still discussing what method to employ to stave off the spam. Neither seems to think a password/registration process is the best bet. And I don’t know shit from shinola about Moveable Type innards so there’s not a whole lot I can do about it myself. Al’s fifty fathoms down & abdicated his crown months ago, so there's no standing potentate. So apologies for the delay & no true offense intended, but you guys are coming across like a couple of whiny ankle biters.

All that said, I’ll see if I can goose the proper backsides & expedite the process.

Yours, FEELING YOUR PAIN

(Jon, I wasn't aware that IHM was down, I'll ask Joe to contact Mark)

"Jon, I wasn't aware that IHM was down, I'll ask Joe to contact Mark"

he did already, thanks, although it's still semi-down....

Here are some boring technical explanations for the various problems / hold-ups you may have noticed:

1) IHM = the site was using an older, now compromised version of phpBB2, which sits behind the BBS and associated database (users, threads, PM's, etc.) itself. Late last week, we rcvd. a notification from our site host that it was imperative that we upgrade to the latest version of phpBB2 (2.0.11). I believe the IHM admin has done this, but there are still some technical issues to be resolved.

2) We are currently using Movable Type v. 2.661. MT is now up to version 3.12, I believe. For a full list of MT 3.12 features, see: http://www.movabletype.org/features.shtml. Note that they have included in this release a "an extensive suite of tools for managing, authenticating, and approving or disapproving reader comments." Said tools are not available in 2.661.

However, when Alan shipped out, he did not leave me with any of the licensing information related to this critical product. (His one oversight, but then again I gues he could not have foreseen these developments.) Which makes getting the upgrade a much more complicated, and potentially expensive, proposition. Be aware too that any sort of upgrade will no doubt require us to be off-line for a time.

3) We cannot upgrade our Blacklist plugin unless we upgrade to MT 3.X; compatibility issues. Either way, we're still looking at keying in a lot of information by hand on the admin side.

4) There are at least a couple of other MT plugins that have been developed to block crap flooding. Both of them basically require that anyone wishing to make a comment at the site enter a "security code", thus verifying that they are a literate, human user and not just a spam robot.

http://mt-plugins.org/archives/entry/scode.php

A similar system in place at: http://fistfulofeuros.net/ (info proided by Nate Dorward)

I tried to get the former installed yesterday, but an essential Perl library (GD) is not installed on our server. As of this morning, our sitehost tech support has offered to install this for us, and I will be getting back to them shortly with the go-ahead.

As for the latter: I've sent a query their way ("how'd ya do it?") but, as yet, no response.

That's where we stand. Now, I'm going to go stand in line for some coffee.

Joe

thanks for all that, Joe, much appreciated...

Sorry to be so autocratic.. let's try that one again.. JOE, DEREK, whoever's running Bags, PLEASE get the.. etc
Hey, I wanted to write the word T-I-T-S in the last mail and it wouldn't let me - but "fucking" got through no problem.. what does that say about our world?

"Hey, I wanted to write the word T-I-T-S in the last mail and it wouldn't let me - but *fucking* got through no problem.. what does that say about our world?"

Long live phallocentrism!!!

Hey, I share everyone's frustration. But these spammers ain't no dummies either...

If you filter out swear words I'll be sitting here retyping posts a lot...

Fucking A! Long live Milazzoism and Warburtonism- two ‘isms’ I can get behind wholeheartedly. Seriously, Joe, thanks for all your hard work on this. I’m about as useful as screen door in a hurricane when it comes to all this techno-tinkering. But I did just get past page 10 in the HOW TO HATCH RETROACTIVE HARD DRIVE DEMOLISHING VIRUSES TARGETING SPAM PURVEYORS manual. Only 346 pages to go...

Just testing out the new anti-spam script....

My only suggestion would be that for us lazy typists you make the password acceptable both as all-caps & all-lowercase (I tried lowercase but it wouldn't take it).

Testing one, two.

thanks Clint