“Online” blacklisted

Bloggers beware! Spammers are sneaky bastards.

Which you knew already.

Today, for the fourth or fifth time, I came across a site which had been suckered into adding the word “online” to its MT Blacklist. This prevents any comments or trackback pings with the word “online” to be posted to the site.

This time it was Bill Roggio at Fourth Rail. I emailed him, and after a bit of experimentation we got it figured out. Besides “online”, his blacklist also contained “http”, “…”, and “..”. That’s basically gonna cause you trouble.

This time an added complication was that my MoveableType activity log listed “…” as the offending string even after “…” had been removed. I finally tried the Wizbang stand-along trackback tool and got a more detailed rejection message that indicated “online” was the culprit.

Did I mention that these guys are bastards?

I think what happens is some spammer, sick and tired of MT Blacklist spoiling his fun, puts together a spam that contains these strings among a long list of other regular strings, and when de-spamming after a big attack we just click “Add to blacklist” without realizing what we’re doing.

I imagine the hope is that bloggers are unable to figure out why MT Blacklist suddenly won’t let ANYONE comment or ping, and the blog owners shut it off.

Once I was duped into adding “:” to my own blacklist. And let me tell you that it took a bit of looking before I realized what was wrong. I’ve also read about some who were tricked into adding single letters to their blacklist. That’s sure to cause problems.

So keep an eye out for this, and if your own comments suddenly stop working, make sure to watch the error messages and spend some time looking for this sort of crap. If all else fails, you could always delete your entire blacklist and re-download the master list.

And Bill was kind enough to give MO a link as a “thank-you” for the assist. Fourth Rail’s been on fire lately, so be sure to keep an eye on it.


  1. The smartest thing I ever did to my own blog was add ‘http’ — eliminates all the spam entirely. If someone really wants to post a url, they can add it sans http and then readers can drag it into mozilla.