Spammers *war* next phase...
of what will be my strategy and the next changes on the site.
Actually each page of the site has a couple of "booby traps" for spammers, they are links that can't be seen by a "human" but that a non human bot will follow going to the spammer honey pot. If the bot is from a search engine nothing will happen, if the ip address is not from a search engine the information will go to "project honey pot" giving to the ip address the rank of "harvester or spammer bot", the result is that if this bot go to a lot of honey pots installed on different sites, its rank as offending IP address increases and here comes the second part:
If it's a known IP, already ranked at project honey pot, it can't access the site, the spammer go to a dedicated page instead, a document explaining theat spamming and harvesting on the site is not allowed.
offending IPs targeting PF can be seen here : http://www.projecthoneypot.org/bsh_...J5PTE.?rf=42267
(the italian one is the IP of Alcide , due to his particular network here in Italy
, I had to specifically exclude it from the function and it's the reason why I sent that email to the active users because it could happen to legitimate users too)
All these countermeasures will ease a lot my daily work in checking the credential of new registrations but it won't stop ALL the attempts. but however, I'll see how the situation evolves in the next weeks, if the rate of the spammers decreases a lot my project is to:
-uninstall the actual "approval" mod for new users that is no more working properly
-install a mod that disallow posting of attachments and external links to new users or users not in a certain group
-go back to the simpler "activation by email" method instead of the actual "admin activation"
-rest on the sofa watching TV
The actual way the site is set is causing some troubles, because people has to wait me for the approval (and i can be sleeping , at work or away) and someone become angry because they have to be approved a second time when the begin to post, so I have to change strategy.
The goal of the comment spammers is to place links to the sites they are advertising on all the possible places , all these links go on sites that sell Viagra, porn or online gambling/casino site. Why ? because people want to go there, you can read an interview with one of those individuals here : http://www.theregister.co.uk/2005/01/31/link_spamer_interview/ , and what they do is LEGAL unless elsewhere stated, this is the reason why I changed the agreement for that one has to agree during the registration process.
We have also some tries to hack the site with some code "injection" , they are stopped by the crackertracker and logged so that I can ban the IP address, good news is that those "hackers" are using the same open proxies of the spammers so they should fall in the honey pot too.
The rest has been stopped by the antispam filter 
So this system is working and the site is returned simple to register as it was in the past...
, the spammer bots don't read the "terms and conditions" of the registration page... Mmmmh... Ok NO ONE does, however the difference is that a human has to click the "accept" button while the bot gives to the site the direct link to the following page , something with "register?agreed=true" at the end of the address, so now when one clicks the button the link has changed to somehting different (with "registar" instead of "register" in the link...) while if the site receives the old link it's obvious that it's a bot, so it is pulled directly in the honey pot, the claymore ignites and it goes directly into the big black list 
I want someone of those exploding woopie cushions , rofl 
are keeping out spammers . It's a kind of fun to read the log, one can see the strategy used: everyone of this spammers uses an open proxy, I got tired to ban all that addresses, it's useless because they are thousands and the site seems to resist to Denial Of Service attacks.
