Lunacy Unleashed

Notes from the field in the War on Spam

Bad Behavior 2 Update

I had originally intended to have a second alpha release of Bad Behavior 2, the next generation of the Web’s only non-content-based link spam killer, ready by now. Actually by last week. So I wanted to give you all an update on why it’s delayed and when you can expect to see some code.

As I posted back in February, I wanted to have the next alpha release out by mid-March. That didn’t happen, and it’s starting to look like early April before I’ll have something out. The reasons for this are as follows:

First off, you all should understand that I don’t work a regular 9-to-5 job like most people. In fact, I haven’t since last summer. I live solely on the income that I make blogging and from performing WordPress and other programming work for various clients. And while Bad Behavior has many generous donors, one of whom helped me obtain a computer when I needed it most, it isn’t enough to live on. Because of this, the work which generates the income that I live on must always come first. Unless Bad Behavior becomes a lot more popular than it already is, it will likely always take a back seat to the other work I must do in order to pay the rent and buy the groceries.

This means blogging and slinging code for anyone willing to pay for it. Almost. I did tell a splogger to go to hell the other day, and probably lost a couple hundred bucks. But some things just aren’t worth it. I’m trying to eliminate these guys, not help them.

Anyway, enough of that. For the past few weeks, I’ve had several clients engage me for various things, and actually been able to pick up a halfway decent desktop computer as well. And I’ll be working for at least the next week on a couple of other projects. And then there’s whoever else comes along.

Once I’ve gotten all this paid work off my plate, and have enough money to live on for a couple of months, then I’ll return to Bad Behavior with a vengeance. I’ve seen the spammers who have managed to evade Bad Behavior. They’ve hit me as well. And they’ve hit hard. For the first time I can remember, Bad Behavior is less than 80% effective, and that just won’t stand. I’ll be back on the case shortly, just as soon as I’m reasonably sure that I can stop taking paid clients for a short while and still have enough money to live on.

If you have suggestions for Bad Behavior 2, please leave a comment.

(By the way, if Bad Behavior 1 has blocked you, your friends, or a robot you want to crawl your site, read this.)


March 21, 2006 - Posted by | Bad Behavior, Blog Spam, Personal, Spam, WordPress


  1. Comment by Jimbo | March 21, 2006

  2. less than 80% effective, for the first time? Um, just an FYI, Bad Behavior 1 was roughly 5% effective when I implemented it on my (media)wiki. So I de-implemented it.

    I like the concept, but I don’t think it’s anywhere near as universally effective as you think it is.

    Comment by Jimbo | March 21, 2006

  3. Hm, I don’t recall offhand receiving any trouble reports from you. I could be wrong, though; I get a LOT of mail.

    On the other hand, I receive reports all the time from MediaWiki users who say it’s quite effective at curbing vandalism. šŸ™‚

    Comment by Michael Hampton | March 21, 2006

  4. I didn’t submit any trouble reports. It was doing what it was supposed to do; I checked its logs and deliberately simulated a condition that was supposed to trigger it, and it did. That just didn’t help any with my particular spammer problems.

    The only thing I’ve found to be really effective is SURBL style blacklisting, preferably with locally-updatable SURBLs as well as collective ones.

    Although it also helps to blacklist the IP subnets of all the biggest rent-a-server colos, since a lot of the Russians are starting to just do their comment spamming straight from either their own webservers or from compromised webservers (and nobody should be trying to post comments / articles from a headless colo box anyway, so “friendly fire” is pretty much negligible on that).

    Comment by Jimbo | March 22, 2006

  5. I had more problems with the SURBL blacklisting. Even getting it updatable, it was hard to get more that one listing to work correctly, due to weirdness with how MediaWiki handled the blacklist code. Bad Behavior is lower on my CPU cycles, and catches up to 99% of my wiki spam. Not so much on my blog, sadly.

    Comment by Ipstenu | March 22, 2006

  6. I don’t know how I’m supposed to know how effective Bad Behaviour is. I’ve been using it on my WordPress blog for many months, though recently the amount of spam getting through has been high. But how can I know how much has been blocked?

    Comment by beev | March 24, 2006

  7. Bad Behaviour Stats will tell you that. šŸ™‚

    Comment by Michael Hampton | March 24, 2006

  8. Where do I find the stats?

    Comment by beev | March 24, 2006

  9. Bad Behaviour Stats is a plugin. Google will tell you where it is (because I don’t remember).

    Comment by Michael Hampton | March 24, 2006

  10. Thanks.

    Comment by beev | March 25, 2006

  11. Good to hear you’re still alive. =) I love the idea of Bad Behaviour, and I hope you get the time and funds to see it to maturity.

    Comment by Sy Ali | March 26, 2006

  12. […] Michael discussed the current state of Bad Behavior v2. […]

    Pingback by » Blogroll Dive: 3/27/06 | March 27, 2006

  13. Meant to post this the other day, but found that your comment submit button doesn’t work in Pocket IE on Windows Mobile 5.0. I know mine does. Do you do some extra jscript there or something? …on to the real comment:

    I’m with the wiki guy above. BB is great, BB is good. But it doesn’t catch the kind of wikispam I get. I’m sure its doing a bang up job of referrer spam, and maybe its killing a lot of stuff I never see. But a lot passes through. That being said, as you may know if you got that email I sent to you a few days ago, the wiki spam I was getting did have a certain http header pattern. I don’t know if what I saw was typical but only the bots were doing it so I felt pretty confident about adding a filter for it to bad-behavior-http-headers.php. The header is ‘Expect’ and the value was ‘100-continue’.

    Ok that’s the story. My suggestion for BB would be to have an integrated log parsing utility which one could comb through in order to find patterns of missed spam, and then with a few clicks, add new filter rules.

    Keep up the good work. šŸ™‚

    Comment by halr9000 | April 3, 2006

  14. Hm, if the submit button doesn’t work, it’s Pocket IE’s fault. Go get a Palm Powered smartphone instead. šŸ™‚

    Comment by Michael Hampton | April 3, 2006

  15. Yeah yeah, MS sucks, etc. šŸ™‚ I used to be a Palm fan. In fact my wife still calls every PDA I’ve owned since then my Palm Pilot. But Palm lost, man.

    Learning anything with the bb+akismet test?

    Comment by halr9000 | April 5, 2006

Sorry, the comment form is closed at this time.

%d bloggers like this: