Bob, On Wednesday, August 02, 2006 2:42 PM you wrote: > > > > Are you suggesting that I drop all connections from the > > complete list of ip addresses that are being used by the > > spammers? > > Yes. > > > So far there are about 200 of these addresses > > scattered over several different subnets so I am not sure > > that this is practical. And as far as I can tell the number > > of ip addresses they are using is growing. I could also > > do something similar using our Apache hosts.deny file but > > I am quite concerned that these are spoofed ip addresses > > and do not really uniquely identify the spammers. Blocking > > all of these addresses might well affect legitimate users. > > Only legitimate users that are using a hacked windows box. > And, good riddance, they should fix their computers.
If this is really being done via zombie net then I guess we should be happy that is was only a couple hundred, right? Maybe you are right that this is not such a problem, but I would feel bad denying people access just because they are being exploited without being able to give any explanation even though the chance that any one of these users might really want to know about Axiom is probably not that high. > > > > Then, one would want to remove the ban on regular links > > > or you would hit legitimate users. I'm assuming banned_links > > > would contain only the bad URL's/domain names. So in each > > > case you would get at least one spam. > > > > No, this does seem practical either because there are > > literally hundreds of these domain names. > > Yep. Why is that a problem? The problem as I see it is that using this method we actually have to let the spam through initially in order to capture the domain names. And we don't have any easy way to harvest the banned links from the spam postings and update the pattern list. So it's an ongoing manual process. Plus I am not sure how large this list can be practically speaking since this is processed by Python as a large set of regular expressions. Maybe there are some new anti-spam options that Simon has invented for ZWiki that could help, but merging our modified ZWiki/LatexWiki code with the new ZWiki code is also likely to be a serious amount of work. So far I have only done that on a piecemeal basis. > ... Regards, Bill Page. _______________________________________________ Axiom-developer mailing list Axiom-developer@nongnu.org http://lists.nongnu.org/mailman/listinfo/axiom-developer