I just spent about 20 minutes doing my regular spam rotations- this is a shuffling of my MT blog script names, changing of the required key phrases on some of the sites. I have a half written post I’d like to finish soon on what to do to make yourself less of a target. In a nutshell, anything your blog does that is outside the patterns of the defaults settings makes it harder for the spam harvesters. So if your MovableType comments script is named “mt-comments.cgi”, well you are wearing a sign on the back of your shirt that says “Spam Me”.
While doing the routines, I saved and recycled the MT activity log- woah, is there a lot of stuff the MT Blacklist plugin stops cold. In fact, it sure looks like the cause of some of our server outages a few weeks ago was repeated spam attempts.
Just looking at the activity on February 12, a spammer was knocking (unsuccessfully) at several blogs on my server 565 times in one day, with 230 repeated attempts in the span of one hour. In that span, no IP number was used more than 3 times.
They say persistence pays off, but I am not seeing or allowing any payoff. I have a whole raft of data to toss into my spam tracking tools. Time to call out the dogs.