on Nov 14, 2006
This week’s spam harvest is particularly bountiful. I guess the spammers are gearing up for the holiday rush. It’s mostly the same few messages over and over, but once in a while I see something new when I clean out the nets. Today’s catch was a rare fresh-water jumbo spam, which weighed in at an amazing 45 kilobytes! That is a gigantic comment.
Akismet has caught just shy of 24,000 spam since I installed it. Perhaps one in a thousand slips through the net and must be dealt with directly. None of those couple dozen “lucky” ones really got away – I just killed them manually. None of them has survived long enough to be of any use, much less catch the roving eye of the Googlebot. It’s rather amazing. I see a lot of blogs, and I never see successful comment spam.
I can only assume that other people have similar results. I can’t imagine why the spammers keep at it. Perhaps there are lots of abandoned blogs running old blog software that the spamutator can penetrate. Even so, how much of a boost to your page rank can something like that yield? The success rate for comment spam has to be a good deal less than 1 in 10,000. It’s probably closer to 1 in 100,000, and those that do get through are on obscure pages that nobody reads or links, and that Google rates very low. So, 100,000 spams for 1 pointless link? That doesn’t seem like a worthwhile tradeoff.
It actually feels like comment spam is a winnable war. Trackbacks are all but lost, and they more or less own email at this point. But comment spam is manageable. It seems like the low rate of return ought to encourage them to move on to easier targets. The 45 kilobye one seems really crazy. The chances of that making it through are astronomical, and it’s actually large enough that the size will chew through a lot of bandwidth if you’re trying to send a lot. (Which they would have to be.)
What makes the whole thing even more insane is that so many of these pages are so transient. I don’t click the links, but occasionally I’ll ping one of them or do a whois on the domain. Usually by the time I look their site is down.
So, to sum up:
- A spammer must have some sortware for crawling the blogosphere, finding comment links, and posting comments.
- He must infect some PC’s or otherwise swipe some bandwidth for sending these spams If he had to pay for bandwidth – particularly copious upstream bandwidth -the whole thing would be a net loss.
- He must send many, many thousands of spams before one slips through the net and reaches a real blog.
- When it does, the blog is probably old and abandoned. His spam will sit alongside thousands of other unrelated links, on a low-ranked page that no human ever reads or links.
- Perhaps he will enjoy a little boost. Maybe the Googlebot will spot his link and his spam site pagerank will go up a tiny bit.
- By the time that happens and someone actually tries to visit the page, he’s been forced out, shut down, blacklisted, or otherwise chased away.
Even assuming he steals the bandwidth and gets his spamifier software for free, it doesn’t seem like it would be worth the effort. You can’t possibly make decent money like this. Not enough to justfy the hassle of running a nomadic website and maintaining the whole operation. That can’t possibly be more profitable than just getting a regular job.
Clearly I must be missing something. People wouldn’t be doing it if they were losing money. I’d love to know how this continues to work for them.
Shamus Young is an old-school OpenGL programmer, author, and composer. He runs this site and if anything is broken you should probably blame him.