So some of you astute readers (ha ha! All three of you) may have noticed that this blog has been literally inundated with spam comments of late. For the last week or so, I’ve had to manually delete hundreds of crap comments advertising party poker and the like. The filters have caught most of them and held them in the moderation queue, but I’ve still had to do quite a lot of pruning.
So anyway, I started taking a look at the IP addresses from which these delightful messages are originating and found that virtually all of them came from a few addresses of the format 209.200.11.x. There were some from IP addresses in the 209.200.14.x block and several from 69.42.64.215. The interesting thing is that, without exception, all of this crap is coming from addresses allocated to Webair Internet Development, Inc., a hosting provider.
A quick Google search of one of the offending 209.200. addresses revealed hundreds of spam comments posted by that address. I remind you that we’re only looking at one address here, and many of the sites that turned up are powered by software that requires the administrator to explicitly enable public display of IP addresses (this blog doesn’t display IP addresses to the world, which is the default behavior for WordPress). So this is just the tip of the iceberg. Webair is hosting somebody who’s engaging in pretty large-scale abusive behavior.
My Googling also turned up a couple of other bloggers who’ve fallen victim to these same spammers, and have said they’d notified Webair’s abuse address — their Acceptable Use Policy clearly forbids this behavior. I find it interesting that Webair has apparently done nothing about this. I’ve sent them an e-mail as well and am waiting to see if I get a response. In the meantime, most of their range is IP deny’ed for this domain. That should eliminate…well, all of the spam, for now.
I’m more interested in what Webair’s going to do about it. I bet a hosting plan that comes with 20 IP addresses or so is pretty expensive.
Post a Comment