MT Comment Spam

Tech

In reference to the MT Blacklist thread over at NSLog:

It seems to me that the better way of blocking comment spam would be to use a modified version of Realtime Blackhole Lists.

The downside of RBLs for email have been the fact that if you use them, you must rely solely upon the judgement of their maintainers. There is an implicit trust in the maintainers of the RBL, that they won’t block the entire continent of Asia just because of a few Tawainese spammers. Unfortunately, many RBL maintainers have, in the past, blocked whole major networks, just to “get attention”. This had the effect of wiping out email for enormous chunks of the Internet. Since most webloggers want to encourage commenting, this is not the result we want.

With a RBL-type blocker, bloggers can “pool their resources” of spammy IP addresses and ranges, each gaining protection from ranges that haven’t spammed them yet.

Since the biggest problem with using RBLs is the creeping fear of “I’m trusting my system to vigilante wackos,” I think that a distributed, trust-based system would work better.

For example:

Two MTlogs, Kottnut and BoingFilter, have their blocklists publicly available. As I trust both their maintainers to be mostly sane, I tell my MT to auto-update its blocklist from those two sources.

I can also have MT update its blocklist from Networkgeek, but since I know that the maintainer’s a lunatic who has a fetishistic dislike for the number 216, I can manually comment out the global block for 216.0.0.0/8.

Even better, since my MT would consolidate the blocklist of all three of my source sites, removing duplicate entries and so on, someone who trusted me to not be a crazy person [shh] could have their MT auto-update from my blocklist. And so on across the Internet, until we have a very stable, self-healing “web of trust”.

Granted, this whole concept is very much a Lazyweb idea, and a band-aid patch for MoveableType’s fairly insecure comment scheme, at that. I think it’d be a great addition to an otherwise very nice journaling suite.