Impossible to tell if it’s a focused attack or just a bunch of random comment spammers, unless all the comments come from a limited number of IPs. If so, just blacklist the IPs.
There’s a number of plugins that limit comment spam. There’s some suggestions in the Codex as well. To block bogus email domains, you can require a verification response from an email you send. Plugins exist to do this. Your script could just check the that domain is registered and has a valid MX record: checkdnsrr( $mailDomain, "MX" );
I wouldn’t query an SMTP server for a valid mailbox though. It’s still not totally reliable, and your server can get blacklisted for namespace mining.
Thread Starter
BertC
(@bertc)
As it turns out, it seems that there are only 2 networks from which the emails are coming from. So, I’m going to try and blacklist these. What is an MX record?
Thread Starter
BertC
(@bertc)
How would I block these two IP addresses, or range of addresses, with WordPress? Do I need a plugin? What plugin would do it? I see where I can block domains, but I have hundreds and hundreds of domains, all of which seem to be from only 2 IP networks.
Thread Starter
BertC
(@bertc)
This is an example of the hundreds and hundreds of emails I am receiving-
A new comment on the post “Not again!” is waiting for your approval http://www.401kpreservation.com/not-again/
Author : Online casino us (IP: 96.47.224.42 , 96.47.224.42.static.quadranet.com)
E-mail : tthrpncvqp@wbkftg.com
URL : http://armandoorzuza.com/
Whois : http://whois.arin.net/rest/ip/96.47.224.42
Comment:
xbxjn512lqsftfswbujpo, Casino online promotions, zSLvTEw, [url=http://armandoorzuza.com/]Casino online roulette[/url], zvQZjge, http://armandoorzuza.com/ Casino Online, GazLzeN.
Approve it: http://www.401kpreservation.com/wp-admin/comment.php?action=approve&c=904
Trash it: http://www.401kpreservation.com/wp-admin/comment.php?action=trash&c=904
Spam it: http://www.401kpreservation.com/wp-admin/comment.php?action=spam&c=904
Currently 617 comments are waiting for approval. Please visit the moderation panel:
http://www.401kpreservation.com/wp-admin/edit-comments.php?comment_status=moderated
The websites seem to be legitimate. However, the email addresses are all very similar to this one- they are bogus. How can I block these “comments” with these fake email addresses from posting a comment on my site. I am not a designer or programmer, so I am in need of some help. Thanks.
MX record indicates the domain has a functioning mail exchange server to process email messages.
Block comment IPs under settings>discussion>comment blacklist same as domains, works either way. No plugin required, just enter IPs, one per line in the box. You can block IP ranges by truncating the last numbers, for example, you can block 11.22.11.0/24 by just entering 11.22.11. including the last dot. If anyone were watching a comment submission from a blacklisted IP, they would see the page reload and nothing else. WP will just dump the comment without notice. The only evidence there was an attempt to post a comment would be a POST record in your server logs.
Moderator
Jan Dembowski
(@jdembowski)
Forum Moderator and Brute Squad
I am getting hammered on my blog with 200 – 300 comments a day
Well don’t get down about it, if your site becomes more popular you’ll soon be in the 1,000s of comments per day. 😉
Yes, I’m messing with your sense of humor. Each and everyone of those comments is just SPAM, it’s not a brute force attack, it’s just the consequence of having comments on the Internet.
My suggestion is this: if you haven’t already done so, install these two WordPress plugins.
http://wordpress.org/extend/plugins/akismet/
http://wordpress.org/extend/plugins/cookies-for-comments/
You’ll need to sign Akismet and Cookies for Comments is just fire and forget.