July 29, 2006
What Constitutes an Effective Spam Prevention Strategy
Spam, spam, spam, spam, spam. There are few things that drive both system administrators and users up a wall as much as spam. Spam is always a cat and mouse game, with spammers always trying the newest tactices and system administrators working to stay on par and let the least bit of unsolicited spam get through.
There are numerous ways to prevent spam. At the highest layer, we have per-application spam prevention. MovableType, the software that powers this blog has spam extensions installed. Excessive use of trackbacks and comments are flagged as spam. In addition, bloggers report messages as spam, submitting them to a central blacklist shared among all users. This method has its advantages. For one, normal people have control over the blacklisting. If somebody is accidentally banned, it can easily be undone. The disadvantage to this method is it only protects one application at a time. What happens if you have multiple applications on your web server?
One means to protect all applications on your server is ModSecurity, an Apache module. With mod_security, you can block spam before it ever gets to your application, saving precious CPU cycles for web applications. ModSecurity can also prevent malicious attacks on your web server too, an added bonus!
Today, after waiting too long to do anything about the spam on opensource.case.edu, I am installing ModSecurity on my server following the instructions at www.gotroot.com. With any luck, new spam on opensource.case.edu will stop, and I can focus on removing existing spam.
If all goes well with the install, I will report back my findings in a later post.
Trackback
You can ping this entry by using http://blog.case.edu/gps10/mt-tb.cgi/9048 .
Comments
I've been considering deploying mod_security, also, on the blog system.