this blog is

06 May 2005

Nerd Factor X Meta Provocation



Spammer Inferno

If Dante Alighieri were alive and blogging today, I'm sure he would have revised his Divine Comedy to include a tenth circle of hell, just for the spammers.

Check out this one, recieved yesterday:

Author :  (IP: ,
E-mail :
URL    :
Whois  :

i search for blog like this long website is very good!i will come next time!

<a href="" title="" rel="nofollow"></a>

The most interesting thing about this is that it's not obviously spam. I mean sure, the english isn't so good, but it may be a second language to someone, and I'm not going to pass judgement based on that. After thinking about it for a little while, I concluded that it actually was spam based on the following clues:

  • It was accompanied by another comment on the same blog post, which contained the text "Thank you, I just wanted to give a greeting and tell you I like your blog very much." but was otherwise identical to the above (including IP).
  • It was a comment on a fairly old blog post (always a bit of a giveaway)
  • The empty link with the "nofollow" attribute. What the hell is that all about, and why would a legitimate comment include it?

The point is that this spammer managed to waste several minutes of my time (which I am now attempting to reclaim by blogging about it).

I assume that this spam is targetting anti-spam measures, because there is no "payload": no obvious mention of any online gambling sites, debt consolidation, or the usual bullshit. Targetting anti-spam is the only other explanation I can think of, although I have no idea specifically what type of anti-spam measures they think they are targetting.

Maybe if they send enough decoy comments like this I will be convinced that my anti-spam defenses are not working, so I turn them off?

Maybe they are assuming I use an IP-address based blacklist/whitelist, and this is the first comment which gets them onto the whitelist?

Maybe they want to obscure a few payload-carrying comments by buring them in a bunch of decoys?

Maybe they just want to waste my time? (Mission accomplished)


Posted by
Alan Green
2005-05-06 14:26:06 -0500

Could just be a script kiddie screwing up a spam run.