Wednesday, July 01, 2009

live by the sword, die by the sword

so yesterday i got a rather rude surprise by email. google, in their infinite wisdom, had decided to label this blog as spam and had locked it, preventing me from publishing what i had planned to publish. if i hadn't acted within 20 days the blog would have been deleted, apparently.

yes, it was the real google and not a spear phishing campaign (it would have made for good social engineering but who'd spear phish me?). they used the exact email address that i only gave to google for my blogger account, and furthermore, when i visited my blogger dashboard (not following the link in the email) it showed the warning about it there plain as day so it was definitely for real.

according to the literature i was seeing, the system by which they identify splogs is automated. they mentioned fuzzy logic, but we know what that means - heuristics (though not the same heuristics used in anti-malware, obviously). although i'm not exactly some hardcore heuristic fanboy i can't help but feel there's a bit of irony in me (or more specifically this particular blog) catching the business end of a heuristic false positive.

there is, of course, an appeal process they give you (so that your blog doesn't get deleted after the 20 day grace period) but i found it a little annoying that there was no indication anywhere that i'd successfully initiated that process and it was only when i checked again today and found the splog notification gone that i had any clue that anything had gone through. the real test, of course, is publishing and that's part of what this post is meant to achieve - if you're seeing this then the blog is back to normal.


cdman83 said...

That also happened to me about a week ago! Their procedure is very weird and very succinct. The text said something to the effect of "you will be notified by mail", but I didn't get any notification event to this day (although the spam flag has been removed).

What made even more disconcerting for me, is that I rarely log into the webinterface directly, I use Live Writer to publish my articles, but there was no indication in other places that I have a problem (like directly on my blog!). What if I didn't log in for 20 days? Would they have deleted my blog?

Very, very disconcerting. Then again, I guess you get what you pay for, and aside from this incident, I found Blogger to be a stable blogging platform.

kurt wismer said...

interesting - i wonder if they've recently tweaked their splog detection algorithm and that's leading to false alarms on very particular types of blogs.

or maybe it's just a coincidence and i'm trying to find patterns (and a causative force) where there is none.

it certainly is disconcerting though. there are times when i leave my blog idle for more than 20 days so if the false alarm had happened during such a period and i hadn't gotten any email about it i'd be pretty much farked (though i do have some backups, but they're not as recent as perhaps they should be).

cdman83 said...

One update: I discovered that I did get a warning email in the gmail account associated with the Blogger account. Unfortunately I don't use the Gmail account as my primary mail account (I use the Yahoo one specified on the blog) and as such I check it very rarely (~ twice a year).

kurt wismer said...

that makes sense.

i don't run into this problem for a couple of reasons, the main one being that i use an email client and i've set it up to collect email from all my addresses (even my webmail addresses - and google happens to make this very easy with free imap access).

this way checking one inbox is the same effort-wise as checking all inboxes.

there are, of course, other ways of aggregating your mailboxes, but whichever method you choose i'd definitely suggest it, aggregating your mailboxes in one place makes life easier.