mysecurepc.com blog

I got a message

Remote host said: 553 sorry, relaying denied from your location [123.147.64.166] (#5.7.1)
[RCPT_TO]

Since I was not getting email from yahoo groups my first inclination was that yahoo groups was the problem. It turns out that my host was bouncing email. My guess is that it thinks yahoo groups is a spammer so its remediation was to reject emails.

I use Thunderbird (Outlook clone) to manage my email. Putting the yahoo group’s names in the white list did not solve the problem. I added each group to allowed list on my email account -on the host server-. So far (over a week) this has solved the problem.

Doug

If you own a domain, you have a great anti-spam tool at hand: your email server. All email to an address at your domain that does not already exist (such as “abc@mydomain.com”) is probably forwarded to your main account by default or a catch-all account.

You can use this feature to create throwaway email addresses on the fly:

* If you need to give an email address to sign up for something, make one up.

For example, if you sign up for a newsletter at ebb, enter “ebb@mydomain.com” as your email address.

If you get spam, have a look at the junk email’s headers. If ebb@mydomain.com shows up as the original recipient, you know who to blame: ebb. Nobody else even knew the address existed. Be aware, though, that spammers sometimes make up email addresses, and sometimes one they create can match one you created.

If the spam continues to arrive at the ebb@mydomain.com address, get rid of both the address and the spam by making any mail to ebb@mydomain.com bounce back to the sender.

The one downside of creating a catch-all account is that -any- email sent to your domain will be accepted and put in the ‘catch-all’ account.

Doug

Referer spam is something a website owner should watch for.

To quote wikipedia:

The technique involves making repeated web site requests using a fake referer url that points to the site the spammer wishes to advertise. Sites that publicize their access logs, including referer statistics, will then end up linking to the spammer’s site, which will in turn be indexed by the search engines as they crawl the access logs.

Sometimes the requests are so often the website is bogged down as in a denial of service attack.

Why spam using a fake referer? Many bloggers will post their most popular URLs which in this case would be the spammer - free advertising.

If you have an apache server blocking fake URLs is easy via the .htaccess file. Ask your webmaster how to block them.

Doug

There are several types of spam to deal with regarding blogging: comments, backtracks, and email harvest.
Comment spamming occurs when a comment is left in response to an article with a link to a spam site.
Backtrack spam occurs when spam links are left as backtracks.
Email harvest occurs when an embedded email is taken off the blog’s page and used for spamming.

How do we prevent this?

CAPTCHA (Completely Automated Public Test to tell Computers and Humans Apart) shows convoluted alphanumeric characters and has the user type them in. This method has become very popular recently in order to stop automated programs from creating accounts though some people will not deal with sites that use CAPTCHA.
Several suggestions are available for comment spam.

• Moderate comments. This is very effective.
• Visit left behind links in comments to make sure they point to good sites.
• Have the user register in order to post a comment.
• Use CAPTCHAs during the registration process so it cannot be automated.
• Limit the number of links per comment (check admin screen)

Some blogs have black word lists that you can add your own words so if they appear in a comment the comment is rejected.
Authors can be preapproved so their comments do not have to be moderated.

Backtrack ideas:

• Turn off backtracking. Drastic but effective.

An email address can be embedded using JavaScript to hide the fact that it is an email address.URL blacklists, where any URL left in a comment is checked against a blacklist, is effective but difficult to maintain. There are several public ones available. For example, Wordpress has the akismet plugin which checks the spamminess of a comment anonymously.

A proposal to reduce spam, backed by Google, Yahoo, and Microsoft, is add an attribute “rel=nofollow” to any embedded links in a comment or trackback. The search engines, upon encountering this, will not use the link in calculating ranking. Some blogs automatically default to adding the nofollow attribute to links.
Doug

Many obsolete blogs are ripe for spreading comment spam. Spammers look for retired blogs and add their links to comments where they know no one is looking. So if you have a blog you are no longer using, either delete it or set it up where comments cannot be automatically added.

Doug

Enough cannot be said about spam prevention. Laws do not seem to help. Read about ways to deal with the spam problem.

Doug