Lunacy Unleashed

Notes from the field in the War on Spam

E-mail with viruses is not from me

Some malicious software has gotten hold of the badbots at ioerror dot us email address and is sending out large numbers of e-mail messages with viruses and Trojan horses embedded in them, faking the From: e-mail address.

These e-mail messages do not originate from me and should be discarded unread. Under no circumstances should you open the attachment in these fake messages, as it contains malicious software.

I will probably change this e-mail address in the near future.

July 7, 2006 Posted by | Bad Behavior, Spam | 1 Comment

Bad Behavior 2 for ExpressionEngine

Paul Burdick of pMachine has managed to put out a port of Bad Behavior 2 for ExpressionEngine in the record time of “an hour this afternoon,” he wrote on the EE forums Thursday.

I took a quick look through the extension and to my eye it looks good. I haven’t tested it myself, but the early results on the forum suggest that it works OK.

Check out the EE forum thread for more info and to download the extension.

Please note these special installation instructions:

You need BOTH the bad_behavior extension from EE AND the standard Bad Behavior download.

To install it: Unpack the stock Bad Behavior download, and you’ll find a Bad-Behavior folder. Inside THAT folder is a bad-behavior folder. Upload ONLY the bad-behavior folder from the stock download, along with the ext.bad_behavior.php from the EE download, to your EE ./system/extensions folder. Then upload the lang.bad_behavior.php file to your EE ./system/language/english folder.

You can then activate and configure Bad Behavior from the Extensions Manager. The ‘strict’ and ‘verbose’ settings should work as for the other ports. I don’t know if the ‘display_stats’ setting has been implemented; I think on EE it probably requires a template change at least…

Thanks, Paul!

July 7, 2006 Posted by | Bad Behavior, Blog Spam, ExpressionEngine, Spam | 15 Comments

Bad Behavior: Your first line of defense

In the two days or so since I released Bad Behavior 2, it’s been downloaded 267 times. That’s 267 (or more) people enjoying the peace of mind that comes from knowing that web spam doesn’t have to be a nightmare. If you’re reading this, you are probably one of them. Congratulations!

Since I have a lot of new subscribers lately, this seemed like a good time to talk about what Bad Behavior is, what it isn’t, and how it fits into an overall spam prevention strategy.

First and foremost, Bad Behavior is an open source project developed by a stressed and overworked guy (me) with a high profile blog (Homeland Stupidity) in my limited spare time between finding people who want code written for cash and writing that code. If you’ve been around a while, then you know Bad Behavior 2 was delayed for months for just this reason, and was released without all of the planned features.

So the project relies on contributions from its users to allow me to devote more time to Bad Behavior, rather than the other projects which usually pay the bills. Tens of thousands of people use Bad Behavior now, but the number of people who have contributed financially over its lifetime is fewer than 100. (If you’re one of them, you can skip the next section.)

For those of you who have used Bad Behavior and enjoyed not having ads for Viagra, poker, forex, and gawd knows what else for all this time, you should first upgrade to Bad Behavior 2 to get the additional protections it provides. Then by way of saying thanks, buy me a beer. 🙂 Okay, you can’t do that online, so consider dropping off $5.00 or £3.00 or €4,25 instead. Or if you feel it’s really worth it, you can contribute more from the sidebar.

Your contributions will allow me to devote more time to further development of Bad Behavior. This is sorely needed because, despite the best efforts of the brightest minds on the Internet, spam isn’t going away anytime soon. (We just haven’t figured out how to deliver electric shock over the Internet yet.) This will allow me to spend time on solving your spam problem so you don’t have to.

Bad Behavior is completely different from any other anti-spam solution out there, in that it doesn’t specifically target spam itself. Rather, it targets the methods by which the spam is delivered. Until I released the first version last year, this approach had never been tried. It proved very effective at stopping a lot of malicious activity, not just spam: It also blocks many email address harvesters, meaning less e-mail spam, and some types of automated cracking attempts, improving your server’s security.

While a somewhat similar solution called mod_security exists, it has a rather different purpose, doesn’t target spam, and regular people can’t install mod_security on their shared web hosting accounts. Bad Behavior blocks spam as well as other malicious activity and can be installed by anyone (except GoDaddy customers).

On some high traffic sites, or those specifically targeted by spammers, the traffic from these spam attacks can be so excessive as to exceed your account’s bandwidth limits, or overload the server, and cause your account to be suspended. Bad Behavior helps to prevent both of these situations by blocking malicious activity as soon as possible, before either bandwidth or CPU are expended on a request which will turn out to be bogus.

But because Bad Behavior intends to block no legitimate users whatsoever, it must necessarily let some things pass. Consider it your first line of defense, and back it up with a secondary line of defense in the form of a more traditional anti-spam tool for your platform. For WordPress, this can include Akismet or Spam Karma 2.

You absolutely should use both, as what will happen if you use only the secondary line of defense is that your administrative screen will rapidly fill with so much spam that you won’t be able to find and recover the occasional legitimate comment that those tools block. By blocking most spammers before you ever see it, the amount of garbage you have to sift through to find legitimate comments, or the number of edits you have to revert on your wiki, is greatly reduced.

In this way Bad Behavior saves you time and frustration. And this is why I think you should continue to support it: it gives you peace of mind by turning spam from a colossal nightmare into, well, not much at all.

July 7, 2006 Posted by | Bad Behavior, Blog Spam, Spam, WordPress | 8 Comments