dive into mark

• 1978 saw the first email spam. Keith Lynch also has a fascinating, if laconic, email spam timeline.
• 1994 saw spam on Usenet. (Background: Canter & Siegel Green Card Lottery Net Spam Case.)
• 2001 saw spam on Napster.

And now we have weblog spam: falsely pinging weblogs.com, automating posts to discussion boards and comment threads, and faking referrers to show up in referrer listings.

• Mo Morgan: The Sri Chinmoy Project.
• Simon Willison: WWWBoard spam.
• BlogRoots: Mastodonte Referrer Advertising.
• Wired: When the Spam Hits the Blogs.
• Slashdot: New Spam Frontier: Referer Logs.
• Kuro5hin: Spam meets blogs.
• Phil Ringnalda: Comment Spam Alert.
• Shelley Powers: Comment Spammers Redux.

Ladies and gentlemen, we have arrived.

Although I don’t host discussion boards or enable comments, I do have my further reading lists, which are auto-generated from referrer logs. Since day 1, my further reading script has implemented strict referrer verification, checking that referrers are reachable and actually contain a link to the post my access logs claim they link to. This was mostly done to weed out links from webmail pages, intranets, and browser-based desktop news aggregators. I realized it would also be a mild deterrent against intentionally forged referrers, but I didn’t think that would really be a problem. The same day I announced the system, I got 20 hits from someone who forged their referrer to point to a page that greets you with a loud WAV file that says (and I’m paraphrasing from memory here): HEY EVERYBODY, I’M LOOKING AT GAY PORN!

§

Respond privately

I am no longer accepting public comments on this post, but you can use this form to contact me privately. (Your message will not be published.)

§