Forum Moderators: phranque
Apparently somebody has sent out travel related publicity emails with two of my photos embedded, because I have seen a surge of hits for exactly two images (from the Roman Forum in Rome, Italy). The bastards haven't even bothered to copy the images into the email, they have just linked it off my site.
Most hits are without a Referer header, probably because the mail agents don't send referrer info, and those that had the header usually came from some webmail system. Many came from webmail systems on travel related sites, like mail_vacation_com.
Some come with the weird referrer: "stream://1/"
I have no idea what that is.
I have a sense that somebody is sending out a newsletter or spam with links to my images.
Right now I have blocked all image access without a referrer header, but it is going to cause problems for some of my users, so it is not a viable permanent solution. Not all browsers and proxies send referrer information for image requests, so my pages will appear broken for some legitimate visitors.
I hope the broken images in the email will make the sender look so unprofessional that the messages cause them more harm than good.
I still loose bandwith, though the reject is only one tenth of the image size.
I'm a bit annoyed I have to spend my time on this kind of highway robbery.
René.
Don't it just bug the devil outta 'ya when you have to change the pathways to your own material, just to keep the bandwidth theft to a minimum?
Grrrrrrrr.....
Why, it's enough to make the Pope turn Jewish :o
Pendanticist.
Of course, while that does extract some measure of revenge, it won't lighten your server load.
Jerks!
Here is what I have done so far:
setenvif Referer "^$" directhit
setenvif Referer "Inbox" directhit
setenvif Referer "mail\." directhit<Directory *imagedir*>
<Limit GET>
order allow,deny
allow from all
deny from env=directhit
</Limit>
</Directory>
It blocks most of them, including most webmail, while letting the images work on my site for most users.
I guess if I went with mod_rewrite, I could dynamically redirect such requests to other images, like the goatse.cx image! That would be fun! Maybe I should spend the time on it.
René.
It has been around 24 hours since the spamming started, and at least 21000 people have opened the mail according to my stats.
Most of the recipients will now see an image with the text: "The senders of this email have used this photograph without proper permissions. Please visit the site XXX to see the photographs"
My hope is that this will make the senders look reasonably bad while getting the name of my site out with the email.
René
Onya
Woz
Most of the recipients will now see an image with the text: "The senders of this email have used this photograph without proper permissions. Please visit the site XXX to see the photographs"
Gee, let's hope no one reports your work as an integral part of the UCE/SPAM itself. Wouldn't look good on your part.
Just a thought.
Pendanticist.
Gee, let's hope no one reports your work as an integral part of the UCE/SPAM itself. Wouldn't look good on your part.
I think it is quote clear that it is not part of the spam. I am not afraid of that. It is an image so somebody would have to type in the address of the site. It cannot be scanned automatically.
What bothers me is that I don't know what is in that email. I think it is travel related, but I haven't seen the message. It might be some kind of "Celebrate xmas in Rome, Italy" thing.
René
What bothers me is that I don't know what is in that email. I think it is travel related, but I haven't seen the message. It might be some kind of "Celebrate xmas in Rome, Italy" thing.
Technology being what it is, it's too bad there isn't some kind of clearinghouse where you could post your images asking if anyone has seen them. Seems like there should be some way to trace it/them back.
<shrug> The best of luck to 'ya.
Pendanticist.
I can make a dynamic whitelist of IPs when users access real pages on my site, and then use that list to block image requests that wasn't preceeded by a page request. A page-request would open up for image requests for, say, the following 30 minutes.
In that way direct hits for the photos will be blocked unless the user (or somebody from the sam IP) has visited the site within 30 minutes.
I'll research it a bit.
René.
Pendanticist.
