A changelog by Daniel Mettler

Thanks a lot for your comments! I am always eager to know about your opinions, hints and tips :)

As I’ve recently installed MT-Blacklist (a nice anti-comment-spam filter) however, it might happen that your comment doesn’t appear right after posting it. If this happens, it’s likely that MT-Blacklist has forced moderation of it due to matching anti-spam rules. First: Don’t panic! :) You don’t need to post your comment again and you don’t need to send me any e-mail message as I get notified by e-mail automatically. I will then approve your comment as soon as possible. On very rare occasions, MTB might wrongly qualify your comment as being spam and delete it right away without even notifying me. Hence, if your comment doesn’t appear within about 2 days, please send me an e-mail message.

I’m sorry for any inconveniences caused by this spam filter, but modern times (i.e. massive comment spamming) take their toll. In any case I strongly favor a spam-filter/moderation based approach over forcing people to register or disabling anonymous comments or comments at all etc. I hope you agree.

For your information, here are the most important rules of MT-Blacklist for this blog:

* both comments and trackbacks are scanned
* a master-blacklist is used
* comments by TypeKey authenticated users aren’t scanned
* duplicate submissions are blocked
* if your comment contains more than 5 URLs, your comment is force-moderated (i.e. needs to be approved by /me to appear on this site)
* if you are commenting on an entry that is older than 14 days, forced moderation applies (i.e. approval is required)
* MT-Blacklist omits an old entry from forced moderation if its last approved comment is within 2 days

I hope, these rules aren’t too disturbing for you (if so, please tell me). Happy commenting! :)

My site got massively spammed once again (*yawn*). MT Blacklist worked fine and put the comments under moderation, but SimpleComments 1.11, the plugin I used to display recent comments and trackbacks on the front page, showed all the spam-comments regardless of MTB. Fortunately, there’s SimpleComments 1.2 out since July 27 which fixes this and only displays approved comments.

I’ve just installed MT-Blacklist v2.0e by Jay Allen. An excellent MTB_README file is included in the MTBv2.0e.tar.gz archive which makes installation pretty straightforward. Configuration is intuitive, further Neil Turner provides a pictorial tour about how to configure MTB. I’m looking forward to seeing MTB in action :)

Discovered a strange behavior (some might call it a bug ;) of MT’s notification feature. MT doesn’t seem to ensure that 8-bit mail headers are properly encoded (“7-bit clean”), as the following extract of an amavisd-new error message shows:

INVALID CHARACTERS IN HEADER

Non-encoded 8-bit data (char FC hex) in message header ‘Subject’
Subject: …o ‘Registration opened for OSCOM 4 in Z\374rich’\n
^
This nondelivery report was generated by the amavisd-new program
at host melon. Our internal reference code for your message
is 09847-03.

WHAT IS AN INVALID CHARACTER IN MAIL HEADER?

The RFC 2822 standard specifies rules for forming internet messages.
It does not allow the use of characters with codes above 127 to be used
directly (non-encoded) in mail header (it also prohibits NUL and bare CR).

If characters (e.g. with diacritics) from ISO Latin or other alphabets
need to be included in the header, these characters need to be properly
encoded according to RFC 2047. This encoding is often done transparently
by mail reader (MUA), but if automatic encoding is not available (e.g.
by some older MUA) it is the user’s responsibility to avoid the use
of such characters in mail header, or to encode them manually. Typically
the offending header fields in this category are ‘Subject’, ‘Organization’,
and comment fields in e-mail addresses of the ‘From’, ‘To’ and ‘Cc’.

Sometimes such invalid header fields are inserted automatically
by some MUA, MTA, content checker, or other mail handling service.
If this is the case, that service needs to be fixed or properly configured.
Typically the offending header fields in this category are ‘Date’,
‘Received’, ‘X-Mailer’, ‘X-Priority’, ‘X-Scanned’, etc.

If you don’t know how to fix or avoid the problem, please report it
to _your_ postmaster or system manager.

Such messages hence aren’t standard-compliant and might get rejected by some picky mail hosts (which is the correct behavior). This particularly limits the use of MT in non-US countries (where 8-bit characters are much more common)

Other things I found out (mostly trivial things, but eventually nice to know as they’re not always intuitive):

* Gentoo doesn’t seem to ship with the Mail::Sendmail Perl module. If you use Gentoo, don’t set “MailTransfer smtp” in mt.cfg as it probably won’t work. Instead either set “MailTransfer sendmail” or simply comment it out (as “sendmail” is the default). You don’t need to change or enable “SendMailPath /usr/sbin/sendmail” as this is the default setting which is fine for Gentoo.

* You only need to add your e-mail address to MT’s “Notification List” if you’d like to receive a notification when new entries are posted. Usually, this feature only makes sense for readers who don’t use an aggregator already.

* If you just like to receive notifications when new comments are posted, you only need to

1) tell MT to send e-mail messages through sendmail (see above)
2) Enable “Email New Comments” in your weblog’s “Preferences” screen (at the bottom of the page under “Comment Configuration”)
3) enter your e-mail address in your user profile (click on your username to get there)
4) Eventually make sure you only use 7-bit characters for the subjects of your entries and the name of your blog (as long as this issue isn’t fixed)

Finally, e-mail notification works for me :) IOW: I’m ready to receive all the comment spam twice ;) Probably time to install MT-Blacklist soon. [1]

[Addendum: useful links (Movable Type User Manual: TROUBLESHOOTING):
I never receive email notifications for comments
My webserver doesn’t have sendmail]

[1] Update: I’ve just received my first comment spam as an e-mail message too, but guess what, spamassassin has correctly qualified it as being spam :) Soon, MT-Blacklist will be added to this blog.