Well, maybe not yours, but if it qualifies for the following rules, it does. So check em out.
You can’t store my name. My name contains something called an umlaut which is used in Germanic languages like German (duh) and Dutch for instance. My name either turns up with a missing letter, or I get a funky character instead. It sucks. It means you can’t handle unicode or encoding properly. It sucks.
You send me my password in plain text email right after I register. Well, ok, the email used HTML encoding, but that doesn’t make it any better. Email is not safe. Really, it isn’t, so I’m glad I didn’t use a password that looked anything like a password I use anywhere else. This makes me think your coders don’t know what they are doing.
You chopped off my password after n characters and didn’t even warn me about it. Yep. As soon as I’m done registering I get this error message that my password is wrong. I just gave it to you silly twat, and it’s still in my copy buffer dammit, so it can’t be wrong!? Guess what happens when I do that password recovery thing by the way. Oh yeah. I get my password in plain text again, in my mailbox.
I find out there are some privacy settings in my account settings which where not presented to me when I created my account. How odd? Not really. Apparently I automatically opted-in on a bunch of possibilities to commercially exploit my info. Nice… not. I hate spam. It sucks.
Most of these are so easy to come by that it’s sad to see these practices still in use. Try any good web 2.0 service and you’ll see how to avoid these pitfalls, and learn about encoding dammit. Also if you’re registered to the Belgian newspaper site of Het Nieuwsblad, make sure you check your privacy settings, and skip on some of the spam-features they have. They suck.
I wrote before on how I used the so-called catch-all feature of the mail server to be able to use instant email addresses when subscribing to all kinds of stuff on the interweb right?
Well it turns out that this is a sweet idea as long as some lame-ass piece of spamming cunt doesn’t start using your domain in his random email generation script.
As soon as that happens you start getting huge amounts of error and anti-spam messages that bounce off email servers all over the net as the spammers mails hit unexisting addresses, or servers running some sort of email validation software.
So if you are using this catch-all, make sure that there is some way you can make the difference between the email sent to an address you are actually using, and the ones spammers have been so kind to invent for you. That way you can easily filter them and dump everything sent from fake addresses into a separate folder without having it clutter your inbox.
Funny, but the weekend seems to be the ideal time for spam bombardments. I’m getting hit by a ton of bounce emails from fake spam mails sent using my domain. This is a smart trick from the spammers of course, since they don’t give a toss about any possible replies, and even less about any of the mails that bounce off the servers because the recipients have long killed their address.
It surprises me a bit that so many servers don’t seem to be able to recognize the most blatant spam messages about getting bigger schlongs. Seriously that’s the word I’m seeing used frequently. Schlongs.
No wonder that spam is accounted for 90% or so of the internet traffic these days, and I’m not sure if bouncing mail due to it is also caught into this equation. I hope so. Damn.
It just shows how flawed the concept of email is nowadays. It simply wasn’t meant to be used like this I guess.
So who will invent the new email? It’s about time dammit.
Apparently I’m caught in what seems to be the receiving end of a spammers attempt to use my domain name as the vessel for creating random email addresses for his bulk of the day.
I keep getting replies from mail servers all over the interwebs telling me emails either got refused or that the recipient address simply doesn’t exist. I get those in my mailbox because I’m using a catchall forward for any mail that gets sent to my domain as an admin.
The problem with email, known to anyone with a bit of knowledge of the protocol, is that this kind of (harmless) domain hijack is something that any fool with the right tool can do, being it a simple mail client.
So if you ended up getting a lot of email from people with oddly looking user names from my domain, well… I’ll have to quote Bart Simpson and tell you it wasn’t me.
Spammers have a lot of tricks up their sleeves lately, and I almost fell for one of them a few weeks ago. I got this German email that looked like I was being sued for something. Now I don’t master the German language, but it’s close enough to Dutch to get the general idea that someone thought that I was some vile spamming bastard, and they where going to get my ass for it too.
This is kinda scary really, because the text itself seemed to be legit. Not that funny Ingrish style stuff you know is spam, but that typical lawyers style incomprehensible lecture.
What triggered a little alarmbell in my head however was that there where some odd looking email addresses in there, and none of them where from the same domain.
First of all it was sent to the info@ address of my domain, which I don’t use or publicise, but since emails are automatically forwarded to my general account I get them anyway. The domain the email came from was also not the domain who had been receiving the spam, which doesn’t make much sense. Last, the lawyer to contact concerning the matter had an odd looking address as well.
So instead of replying to the email telling them they probably made a mistake, which was my initial intention, I forwarded it to someone who actually speaks German and could help figure out if this was for real or not.
He got suspicious as well about the email addresses, and he also knew that the domain the email was coming from was known for it’s free email accounts, which where frequently used by spammers to spread their junk. That, together with some Google searches on phrases from the email made it clear this was just a bait email.
It turns out the content of the email was actually put online by a real lawyer, to be used as a template for anyone who had been targeted by a spammer. But now spammers are baiting domain admins with this, by randomly mailing general email addresses hoping they will reply anything, which will give the spammers yet another active email address.
Here’s the full email in cause you’re interested.
Don’t let these bastards fool you!
Since I switched from Blogger to WordPress I have been getting more comment spam. Blogger used a captcha technique which seemed to be blocking the spam, or maybe just because my blog wasn’t quite that visible to spammers on Blogger. But now that it’s on WordPress things are different.
In fact, I’m guessing that those handy blog-ping update services are used by vile spammers to detect new blogs using blogging software like WordPress that their spamming scripts are written for.
Early this week I was getting hit by another spamming round and I was getting unintended notifications of these crap posts in my GMail because of emails bouncing from the invalid auto-generated emails.
I cleaned up the spam comments asap, cause I hate to see them pollute my blog, but I wanted to find a more permanent solution for the problem.
I didn’t quite think of it but WP already has a plugin ready for spam control called Akismet. I didn’t activate it before because I had to go through the trouble of getting a WordPress API key from the WP site. This time the spammers annoyed me enough to do so.
Posts now get automatically scanned by the Akismet engine, and right now it has trapped 37 comments, all spam, and I didn’t have to do jack for it.
So for anyone out there with a WordPress blog and a spam problem. Get that plugin registered and relax. It’s sweet.