Is there still an issue with SpamLookup and CPU hogging when under an intense spam attack? I know when something similar happened with MT-Blacklist (long since fixed), a number of hosts started shutting down the sites of MT users and not allowing new MT installs.. would hate to see that happen again..

My 2cents worth: I still think relying on external resources to check for IP or domain name matches is not desirable (and yes, I know I can switch that functionality off, but then what's the point in even having the plugin bundled in that case).. if those services like blitzed.org or any routers inbetween are down or slow, it can certainly have a detrimental effect for the site visitor trying to comment.. in fact I wondered if that is why it takes so long for a comment to be processed after hitting the submit button on this very site too...

Personally I prefer having everything on the same server, as was the case with MT-Blacklist users having their own personal blacklist database - if there's a delay, it's because of the website's server itself, not some external source beyond their control...

Jay, once MT3.2 goes out of beta, do you still intend to put a new tweaked release of MTB? I asked on your Comment Spam Clearing House blog, but I don't think you have the time to check there or on the support forums at the moment (busy busy burning man)

cheers

hmm.. SpamLookUp only operates at system level, not at blog level? ie: it covers all blogs on an installation or none, correct? ..or perhaps that's a bug - there's no mention of SpamLookUp on the plugins page at blog level, only at system level.

It looks like spamlookup lost the ability to scan all your old comments for spam. Is that coming back, or am I just not looking in the right place?

Thanks for the bundled release, BTW. I'd just opened a ticket on Spamlookup not working with 3.2b3 30 minutes ago, and now I've got it all reinstalled and working great.

I agree with Demon - local database of spammers is desirable, as is the reporting upload. I'd far rather see MTB bundled than spamlookup. Though if the functionality of MTB could get bundled into spamlookup, that'd be even better, with a toggle to control which behavior (live lookup vs local database).

I have been utilizing MT 3.2 in a separate test blog altogether. I wanted to try the 08092005 nightly build, so I deleted my previous MT 3.2b3 install and started from scratch. Now my dilemma: I go to run mt-check.cgi, and nothing comes up. Total blank white page, and no errors in my web server error log.

Help..?

Okay, scrap that last post.. it loaded now. Very strange. :/

What version of HTML::Template is required to run the 08092005 nightly build? I have 2.4 installed, but for some reason I am still getting an error loading, ironically, error.tpl. :/

Error(s) are as follows:

Can't load error template; got error 'Loading template 'error.tmpl' failed: Undefined subroutine &HTML::Template::new called at lib/MT/App.pm line 688. '. Giving up. Original error was "use" not allowed in expression at /home/maya/publichtml/amplexus/cgi-bin/mt/extlib/HTML/Template.pm line 935, at end of line syntax error at /home/maya/publichtml/amplexus/cgi-bin/mt/extlib/HTML/Template.pm line 935, near "to use filecache" syntax error at /home/maya/publichtml/amplexus/cgi-bin/mt/extlib/HTML/Template.pm line 941, near "Could not " (Might be a runaway multi-line "" string starting on line 935) "use" not allowed in expression at /home/maya/publichtml/amplexus/cgi-bin/mt/extlib/HTML/Template.pm line 941, at end of line "use" not allowed in expression at /home/maya/publichtml/amplexus/cgi-bin/mt/extlib/HTML/Template.pm line 944, at end of line Global symbol "$options" requires explicit package name at /home/maya/public_html/amplexus/cgi-bin/mt/extlib/HTML/Template.pm line 944. Compilation failed in require at lib/MT/App.pm line 649.

Again, if you have a bug, please file it.

If you need support, please post your comment to this entry.

You understanding is appreciated.

Anyone else found that MT-Blacklist no longer plays with MT since the MT3.2b-20050809 release? ..everything loads up ok but MT-Blacklist just does not get a look at incoming comments at all, even when I completely remove SpamFarkUp from the plugins directory.. Also, there is no longer a live link to the MTB main menu from the list of plugins at the systemwide level in MT, just non-linked text saying 'Blacklist/blacklist.pl' ..not good.. and SpamFarkUp isn't even blocking half the spam the MTB did. Still amazed 6A went for an IP based spam solution, which is long known to be an exercise in futility. I'm not a happy camper at the moment..

and yes, I filed a bug report for what it's worth.

ermm.. seems I need to apologise for insulting Brad's skills with SpamLookUp and to 6A for ranting about MT-Blacklist being messed up by the latest nightly. Tweezerman has been able to get MTB running ok, so it must be my problem. Sorry, not having a good day here... :(

I must say, I was a little surprised at your reaction, Marcus. Blocking a single IP (useless!) is not the same as junking all comments/TrackBacks from anonymous proxies (through which nearly all comment spam is injected) and containing known spam domains.

That's right. Anyone who has actually given it half a chance would know that SpamLookup is not just IP-based. It even contains it's own blacklist functionality which does a better job than Blacklist. What's more, unlike MT-Blacklist, it is a set-it-and-forget-it defense.

In short, Six Apart went with a bundled SpamLookup because it is the absolutely best anti-spam defense next to TypeKey, and we already offer that freely to all Movable Type and TypePad users.

If you need better proof of its worthiness, you need look no farther than the fact that I still run only SpamLookup on my own blog. As you know, I've always said that blacklists were not a viable long-term solution. But until there was, it was the best one. Now there is.

Is there any way (or planned functionality) for users to have the entire blocked IP database on their home server, and then just parse for updates to it every 24 hours, much like MT-Blacklist, rather than having every comment and trackback checked against an external DB source as they come in?

I'll have to have a better look at the blacklist functionality of SpamLookUp.. if it can differentiate like MTB did with different data types (like some which only match URL strings, other which will match anything in a comment, text or otherwise, and then regex types as well) then it virtually would be MT-Blacklist!

..the moderate after X days will certainly be missed.

Is there any way (or planned functionality) for users to have the entire blocked IP database on their home server, and then just parse for updates to it every 24 hours, much like MT-Blacklist, rather than having every comment and trackback checked against an external DB source as they come in?

We don't control these services, so you'd have to ask them.

if it can differentiate like MTB did with different data types (like some which only match URL strings, other which will match anything in a comment, text or otherwise, and then regex types as well) then it virtually would be MT-Blacklist!

It does. The only thing that MT-Blacklist does better is display the entries. Of course, in my own research, I found that most of the domains added to the blacklist were never hit again, and I used my Blacklist almost exclusively to kill off actively spammed domains. For that purpose, you don't need more than about 20 or 30 entries.

..the moderate after X days will certainly be missed.

MT-Moderate and a few other plugins do this, I believe. What's more, there will be an ever increasing number of anti-spam plugins coming out to compliment what we've provided and fit every need.

The important thing to understand here is that Movable Type has come so far since MT 3.0D, which is what MT-Blacklist was coded for. Blacklist has never been refitted to use the excellent APIs and is not only high-maintenance but also prone to cause data loss upon hitting a false positive. It was what was necessary at the time, but now we have more sophisticated and effective tools.

By the way, one last thing: We don't consider this the end of the road in terms of spam protection. Quite the opposite, actually. This is only the beginning.

We do consider this the end of one thing, however: the pain and anguish felt and time spent by our customers due to comment spam.

I really like all these new graphics for 3.2 on the website.. any chance of making them for lil' badges upon the release? :D Would be rather nice, no?

So, any ETA on beta 4? I've got a site I wanna upgrade, but I'm awaiting the lastest-and-greatest.

I thought beta 4 was going to be available this past Wednesday. Any ideas when this wlll happen?

Thanks

Hahah, me too! Even though most of the time the changes are tiny from day-to-day, I check like five times a day to see if anything has come out!