I hate having to surrender to spammers, but in this case I just couldn't get a handle on it:
Some idiot is spamming our project's bug tracker. Why, I don't know, since GForge (the software we're running) doesn't display any links. That hasn't stopped our Bulgarian friends and didn't stop this spammer either. Here are some samples of the "bug reports" he submitted:
texas holdem, poker, gambling, casino
Mercredi
Air Compressors Caulking Guns Chisels Collated Nails Collated Staples Combo Packs Drills Impact Wrenches Nailers Power Sprayers Ratchet Wrenches Saws
Borgo
casino
Ilya
Apparel Calls Lures Gun Cases Hiking Boots Shoes Hunting Shooting Accessories Hunting Dog Equipment Sunglasses Other Hunting Equipment
Silko
Completely useless as you can see - they don't even contain a domain name. Unfortunately, a part of the webserver's logfile covering the most active period of that spammer was lost. The first three of the above examples were submitted like this:
70.86.12.194 - - [06/Nov/2005:10:36:09 -0600] "POST /tracker/index.php?group_id=6&atid=108 HTTP/1.1" 200 33383 "http://project.geeklog.net/tracker/?func=add&group_id=6&atid=108" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
216.12.208.215 - - [01/Nov/2005:08:28:59 -0600] "POST /tracker/index.php?group_id=6&atid=108 HTTP/1.1" 200 33383 "http://project.geeklog.net/tracker/?func=add&group_id=6&atid=108" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
67.15.188.23 - - [30/Oct/2005:07:00:07 -0600] "POST /tracker/index.php?group_id=6&atid=105 HTTP/1.1" 200 28970 "http://project.geeklog.net/tracker/?func=add&group_id=6&atid=105" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"That's all. Just those 3 POST requests, coming out of nowhere. 70.86.12.194 is The Planet, the other two are Everyones Internet, Inc. Both hosters aren't exactly know for their anti-spam attitude, to put it mildly ...
So, since there's no pattern here we could put in a .htaccess and since GForge doesn't offer spam protection, I had to take the only other available option, which is to disallow anonymous bug reports. Thanks for nothing, whoever you are.
Comments (0)