I own a Lexus. I bought it at Lexus Monterey. I take it there for service. Sometimes I schedule service online, at their web site, but I’ve never given them an email address. Lexus does have one email address for me, but it was a throwaway for a sales event, and it’s never been used since.
While cleaning out the folder that SpamSieve tosses obvious spam into, I found a message from Lexus Monterey, containing details of my car and mileage, reminding me to schedule appropriate service.
It was sent to an email address that has never received anything but spam. I don’t even know who I originally gave it to, but it definitely wasn’t Lexus (and, by the way, not Calumet Photo, who also sends things to it…). For years, I had a special blackhole rule for that address, because it was the source of 40% of my spam.
Lexus Monterey didn’t send this mail. idriveonline.com did, and they helpfully set up an “account” for me, including both username and password in the mail.
Now why would Lexus send me to a third-party service-scheduling site, when they have their own? And why would they buy a mailing list from a spammer and cross-reference it with their customer database? Hmmm…
This morning I found myself with the urge to search for two of the best stories about the early days of WebTV. Everyone involved has long since moved on to greener pastures, so I was sure at least one person would have spilled the beans.
No. Google searches for both “webtv reindeer games” and “webtv launch day fuck” return nothing relevant. Perhaps it’s time for Rory to update his blog with a tale of The Good Old Days.
It’s been a while since someone was stupid enough to go to the trouble of coming up with a script for spamming my comments. Stupid not just because I’m small-fry who can’t significantly affect his client’s page-rank, but also because my comment pages are not indexed by any search engine.
So, a quick delete from comments where author is like “%phenter%” or author is like “%roulet%” combined with a quick pfctl -t badlife -T add 18.104.22.168 22.214.171.124 126.96.36.199 188.8.131.52 184.108.40.206 220.127.116.11, and the problem goes away again.
If I get another attack in the next week, I’ll change the comment URL and add the current one to the insta-ban trap in robots.txt. That’s the most I’ve ever had to do to maintain several months of trouble-free open commenting.
[Update: sigh, add “%viag%” and “%ltram%” to the expression list, and 18.104.22.168 to the banned IP list. Time for a new disguise, I suppose; I’d hate to go off to Vegas and let some moron think he’s accomplished something clever.]
I’ve been playing with jQuery recently. The major project I’m just about ready to roll out is a significant improvement to my pop-up furigana-izer. If native tooltips actually worked reliably in browsers, it would be fine, but they don’t, so I spent a day sorting out all of the issues, and while I was at it, I also added optional kana-to-romaji conversion.
I’ll probably roll that out this weekend, updating a bunch of my old Japanese entries to use it, but while I was finishing it up I had another idea: effective spam-protection for email addresses on my comment pages. The idea is simple. Replace all links that look like this: email with something like this: email, and use jQuery to reassemble the real address from a hash table when the page is loaded, inserting it into the HREF attribute.
A full working example looks like this:
…is WIE pronounced “whyyyyyyy?”?
Quick notes based on running the new IE7 under Parallels on my Mac:
More later, if I find a reason to care…
[Update: The WIE team claims that :hover now works, but I can’t seem to set background-color with it. Eh, “standardization; who needs it?”]
Going through my Quarantine folder, I found something that had all the hallmarks of spam: a hotel reservation confirmation for a city I’ve never visited (Orlando), sent to an email address I would never have handed out for that purpose (email@example.com), with graphics and links coming both from the real site and elsewhere.
When I read the raw source of the message, though, I started wondering. All the Marriott links actually go to the Marriott web site. Everything is spelled correctly, with no attempt to hide spammy keywords. The headers all look legit. Even the links to elsewhere go to legitimate travel-related sites.
Then I remembered My Evil Twin, who, by the way, lives in Boca Raton. I guess the other Jay Greely and his lovely(-sounding) wife are off for a little R&R, and they mistyped their .Mac email address again.
YouTube stopped working a while back on my Quad G5. Videos played, but with no sound. All other forms of video worked fine, and the exact same video would work if I downloaded it manually and ran it from a different FLV player.
I reinstalled Flash, I wiped caches to make sure I didn’t have an old version of the YouTube flash player, grabbed the latest version of Firefox and tried it there, etc, etc. No change. It wasn’t a big problem, since I usually don’t surf from that machine, but I finally spent a few minutes chanting Google incantations and found the answer:
Run the Audio MIDI Setup utility and change the Audio Output Format back to 44100 Hz
Current stats across all my email accounts: 115 spams/day, 30 of them caught by Mac Os X’s Junk filtering, 85 ended up in my Quarantine folder (people who aren’t in my address book or email history).
Best news: 0 false positives in the most recent ten days worth of email. By its nature, the Quarantine folder will occasionally contain real email from someone who’s trying to reach me for the first time, but I have a variety of other rules that do a pretty good job of detecting common cases. I also create custom addresses for every new vendor and site membership, and a monthly disposable address for this blog, and all of those get filtered into special folders.
I haven’t set up anything more sophisticated, largely because the problem is under control. About twice a month, something makes it into my real Inbox, and that’s not worth the effort.