Aaron Parecki

#spam

• Blocking Domains in webmention.io

  Aaron Parecki

  Mon, Dec 17, 2018 1:24pm -08:00

  For the past week or so, I've been getting a series of Pingbacks from a spam blog that reposts a blog post a couple times a day as a new post each time. It's up to about 220 copies of the post, each one having sent me a Pingback, and each one showing up in my reader as a notification, which also causes it to be sent to my phone.

  

  Since I use webmention.io to handle my incoming Webmentions (and Pingbacks), this would be the best place to block the site, rather than filtering it out in my reader or my website. 

  Webmention.io previously had no way to actually completely block a domain. As Webmentions have started growing in popularity, it's become obvious that we need more tools to combat spam and abuse. While this site was actually sending me Pingbacks, the same applies to Webmentions.

  Today I added a new feature to webmention.io to allow people to entirely block a domain, and delete any webmentions received from that domain. 

  

  From the dashboard, you can click the "X" on any recent webmention, or you can paste a URL from one you've received in the past. You'll be taken to this screen where you can either delete just the one webmention, or entirely block the domain.

  Once you've blocked the domain, it will show up in your blocklists page!

  

  I hope this helps others keep out spam as well! I'm sure looking forward to never seeing that notification on my phone again!

  Portland, Oregon • 52°F

  4 likes 1 bookmark 2 replies 2 mentions

  #webmention #p3k #block #spam

  Mon, Dec 17, 2018 1:24pm -08:00
• Chris Aldrich https://boffosocko.com/

  Something got me thinking about comments on my website here. Almost no one posts native replies on my posts. I’d have to think that 99.9999% of all the replies on my website are now via Webmention. Perhaps I should cut off native replies just to cut back on the amount of spam I get? Hmmm….

  Bellevue, Washington • 44°F

  5 mentions

  #indieweb #social-stream #spam #webmention

  Mon, Dec 10, 2018 8:38pm -08:00 (liked on Mon, Dec 10, 2018 10:49pm -08:00)
• aaronpk https://github.com/aaronpk   •   Apr 1

  #25 spam prevention
  

  I like the idea of giving the community the ability to help with this. That also happens to be the easiest thing to implement. Loqi now has a new !kick command.

  • If you are +v (you're registered on irc-people), you can use the new !kick command
  • You can say !kick foobar to kick that person from the room, but only if they joined less than 5 minutes ago

  Portland, Oregon • 53°F

  #irc #spam

  Sat, Apr 14, 2018 9:34am -07:00
• 

  If your unsubscribe link asks me to type my email address before it unsubscribes me, I'm marking your email as spam.

  Portland, Oregon, USA

  5 likes 1 repost 8 replies

  #email #spam

  Thu, Dec 15, 2016 8:37am -08:00
• 

  Some select quotes from this fantastic post by someone who used to work on the Gmail anti-spam systems.

  Portland, Oregon, USA

  1 like

  #spam #vouch #indieweb

  Tue, Aug 16, 2016 8:10pm -07:00
• https://aaronparecki.com/2016/08/16/15/spam
  

  > Another approach would be to allow cross-signing - an entity with good reputation can temporarily countersign mail to give it a reputational boost and trigger cross-propagation of reputations. That entity could employ whatever techniques they liked to verify the senders legitimacy.

  Portland, Oregon, USA

  #spam #vouch

  Tue, Aug 16, 2016 8:03pm -07:00
• https://aaronparecki.com/2016/08/16/15/spam
  

  > When you have central control everything becomes a million times easier because you can change anything at any time. You can terminate accounts and control signups. If you don't have central control,
  you have to rely exclusively on inbound filtering and have to just suck it up when spammers try to find ways around your defences.

  Portland, Oregon, USA

  #spam

  Tue, Aug 16, 2016 8:01pm -07:00
• https://aaronparecki.com/2016/08/16/15/spam
  

  > All major webmail and social services force users to perform phone verification if they trip an abuse filter. This sends a random code via SMS or voice call to a phone number and verifies the user can receive it. It works because phone numbers are a resource that have a cost associated with them, yet~all users have one.

  Portland, Oregon, USA

  #spam

  Tue, Aug 16, 2016 7:58pm -07:00
• https://aaronparecki.com/2016/08/16/15/spam
  

  > Gmail was hit especially hard by this because early on Paul Buchheit (the creator) decided not to include the client IP address in email headers. This was either a win for user privacy or a blatant violation of the RFCs, depending on who you asked. It also turned Gmail into the worlds biggest anonymous remailer...

  Portland, Oregon, USA

  #spam

  Tue, Aug 16, 2016 7:35pm -07:00
• https://aaronparecki.com/2016/08/16/15/spam
  

  > The reputation system was generalised to calculate reputations over *features* of messages beyond just sending domain. A message feature can be, for example, a list of the domains found in clickable hyperlinks. Links would turn out to be a critical battleground that would be extensively fought over in the years ahead.

  Portland, Oregon, USA

  #spam

  Tue, Aug 16, 2016 7:33pm -07:00
• https://aaronparecki.com/2016/08/16/15/spam
  

  > Eventually it had to be replaced with an online system that recalculates scores on the fly. This system is a tremendously impressive piece of engineering - it's basically a global, real time peer to peer learning system. There are no masters. The filter is distributed throughout the world and can tolerate the loss of multiple datacenters.
  
  > I don't want to think about how you'd build one of these outside a highly controlled environment, it was enough of a headache even in the proprietary/centralised setting ....

  Portland, Oregon, USA

  #spam

  Tue, Aug 16, 2016 7:32pm -07:00
• https://aaronparecki.com/2016/08/16/15/spam
  

  > The new definition of spam is "whatever our users say spam is", a definition that cannot be argued with and is simultaneously crisp enough to implement, yet vague enough to adapt to whatever spammers come up with.

  Portland, Oregon, USA

  #spam

  Tue, Aug 16, 2016 5:29pm -07:00
• 

  Now reading https://moderncrypto.org/mail-archive/messaging/2014/000780.html to get some ideas for https://indieweb.org/spam
  
  > I worked at Google for about 7.5 years. For about 4.5 of those I worked on the Gmail abuse team, which is very tightly linked with the spam team (they use the same software, share the same on-call rotations etc).

  Portland, Oregon

  7 replies

  #indieweb #spam

  Tue, Aug 16, 2016 5:15pm -07:00
• 

  Unexpected benefit of the Twitter "Popular in your network" email flood: finding old accounts I created in 2008 that I forgot about

  Portland, Oregon, USA

  2 likes

  #twitter #spam

  Wed, Jun 3, 2015 9:43pm -07:00
• 

  from:("popular in your network") -> delete #twitter #spam

  Portland, Oregon, USA

  1 like 1 reply

  #twitter #spam

  Sat, May 30, 2015 5:24pm -07:00
• 

  "Hi Aaron, I understand you are the person that manages most of the projects for Esri." ... I'm... flattered? #spam

  Portland, Oregon, USA

  2 likes

  #spam

  Thu, May 14, 2015 9:46am -07:00
• 

  How not to cold-email someone

  

  45.52172, -122.67821

  4 likes 6 replies 1 mention

  #spam

  Mon, Apr 6, 2015 12:41pm -07:00
• 

  I was wondering how long it would take people to spam Google Analytics. Looks like it's happening now. http://www.ditherandbicker.com/posts/2015-01-10-rip-google-analytics.html

  Portland, Oregon, USA

  2 reposts

  #spam #google #googleanalytics #analytics

  Sun, Jan 11, 2015 5:44am -08:00
• Hashcash (en.wikipedia.org)

  Hashcash is a proof-of-work system designed to limit email spam and denial-of-service attacks

  #crypto #DOS #email #hash #security #spam

  Wed, Aug 8, 2012 8:51pm -07:00
• Penny Black (research.microsoft.com)

  #cryptography #email #indieweb #messaging #spam #tantek

  Thu, Aug 4, 2011 12:55am -07:00