Have spammers found a new way of using Blogs?
by Duncan
October 6, 2003
Regular readers to the Blog Herald would have noticed the rather bizarre link in our open referral log that reads: Discount Term Life Insurance – Save 70%. Always keen to check out referrals we visited the site and found no links to the Blog Herald. We thought nothing of it, until scanning Daypop’s Top 40 links and discovered the same link at No.3. Now given that the site doesn’t link to anywhere but its own server, how is it there on Daypop and The Blog Herald? Whilst some sites have dealt with Blogspam from this person/ site, how does it become a referrer? or do the spammers have a new method of manipulating blogs and blog lists? Any thoughts welcome.
They simply request a page from your site and forge the http request header.
Here is an example request.
GET /archives/cat_blog_review.html HTTP/1.1
Host: http://www.blogherald.com
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.6a) Gecko/20030926 Firebird/0.7+
Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,video/x-mng,image/png,image/jpeg,image/gif;q=0.2,*/*;q=0.1
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 300
Referer: http://-THIR-SITE-HERE/
Connection: keep-alive
Thanks to everyone for the insight as to how this is done, just saw an article which puts a different slant on the issue
http://www.virtuelvis.com/archives/121.html
although I dont agree with all of what he is saying it is none the less interesting.
Blog spam is getting to be a real problem. I just started getting some this week, and I’m gonna nip it in the bud. I downloaded and installed this: http://www.jayallen.org/misc/projects/mt-blacklist/
Rauchen in der schwangerschaft schadet ihrem kind edustartpage