Simon Willison’s Weblog


Tuesday, 2nd September 2003

Blacklisting Comment Spam

I’m fed up with comment spam. From now on, any comment I judge to be spam will be deleted, and the domains linked to from that comment will be blacklisted. Any future comments that contain links to those domains will be refused. My blacklist will be made available as a simple text file, one domain per line, at blacklist.txt. You are welcome to grab a copy of that file once every 24 hours and use it as part of your own comment spam prevention system. I will manually approve all domains that are added to it to ensure only domains of a dubious nature end up blacklisted.

[... 185 words]

Show less errors

The W3C Validator team are seeking help with the latest version of their validator, dubbed the “Zeldman Made Us Do It!” release. They want people to play with the beta and submit suggestions for error messages that would make more sense to the average user. They also have a new feature called “fussy mode” which acts a bit like a lint tool for checking code, highlighting problems that aren’t necessarily illegal markup but may not be best practise techniques.

[... 501 words]

Googling for fun and profit

In the style of Mark Pilgrim, Googling for fun and profit.

[... 18 words]


My new favourite toy is SQLObject, an object-relational mapper which makes heavy use of Python’s special method names to create objects which can be used to transparently access and modify data in a relational database. I tried to write something like this in PHP once before and failed miserably, but SQLObject has such an elegant design that I’m just annoyed I didn’t find out about it sooner. Here’s some example code, adapted from the SQLOBject site:

[... 249 words]

Fighting Filters and DDoS

Paul Graham’s essays on fighting spam are generally excellent; it was Paul who sparked the recent flurry of activity surrounding Bayesian statistical filters and inspired the creation of some of the best tools for fighting spam yet. Paul’s latest suggestion, Filters that fight back, seems to me to miss the mark in a big way. Paul suggests email servers should “follow” links in any email received. This would turn the tables on spam, as suddenly sending out a million spams would result in a million useless hits to the site being promoted, quickly brining it to its knees. It’s a great concept, until some malicious script kiddie realises that they’ve been handed a tool to run massive distributed denial-of-service attacks on any domain they care to target. Not to mention that such a feature would make many legitimate mass email tools prohibitively expensive to run.

[... 190 words]

2003 » September