Carl’s SEO & Web Design Blog

We maintain a black list of IPs and domains that have spammed or phished us. This list is saved on our local computer in Microsoft Access and periodically uploaded to a MySQL table on the host that is made available to hackers, the FTC, and (when relevant) to individual state Attorney Generals. In mid-January this system failed and we’ve been working with Microsoft and various MySQL forums to try to resolve the problem.

The problem is resolved now and the black list is now again online. You can find it at:
http://www.creatingnewworlds.org/stopspam.cfm
We’ve kept the local Access table updated during this time, so no information was lost. We encourage others to create their own black lists and distribute them until authorities are willing to take the lead. We will post more details on how we do this later.

The problem, we discovered, was a major fault in Microsoft Access. Several users have discovered and reported the problem; but Microsoft has done nothing at this time to fix it. The problem is in the module msjet40.dl. It apparently started causing problems when we updated our Windows 2003 SP3 to SP4. Some users resolve the problem by reverting to older SPs, but Microsoft asked us to stay with SP4. Instead, we had to replace the msjet40.dll module in Access with another MSjet40.dll two versions older, using version 4.0.62180. (Some users, apparently, succeed by going back only one version.) The problem with replacing, however, comes in that the protection scheme in Windows prevents you from putting older modules in newer versions of the program. So you have to go into the registry and turn this protection off before you can replace. And there is no standard rule on this.

Thanks, Microsoft, for your help. But wouldn’t it be better for you to just fix the problem.?

Those of us that struggle to get our clients to the top in the returned results know that Google appears to put new sites in a sandbox, or playground area. Your brand-new site may stay there for 6-8 months, and there doesn’t appear to be anything you can do about it. Meanwhile, you get a top slot in Yahoo and MSN. What happened?

Although the sandbox may appear real, there may be good reason to believe that Google isn’t really doing anything special with your site. The rules that Google uses to position your site may be doing what appears to be a sandbox affect.

Let’s look at some of those rules and see why this is true.

1. If all else is equal, an older site will position better that a newer site. Google doesn’t like mom and pop sites. If your site has been around a while, Google figures you are here to stay.
2. If you add links too fast, Google will penalize you. Unless you are doing something very special, fast link building is assumed as forced and unnatural. Google wants you to build your links naturally. With a new site, you are often trying to get a lot of links in a short time. To Google, that’s spamming.
3. Google favors sites with links coming in from trusted and popular sites. That generally takes work over time. We’ve almost tripled our own visitor traffic over the last year. That takes solid work to do that.

This doesn’t mean you should wait around until your site bubbles up in the results because the sandbox is there - real or virtual. What is does mean is that you should develop a long-term strategy for your site by building links in from trusted sites. Build valuable content on your site so that other trusted sites want to link to you.

If you are planning to do Pay-Per-Click advertising, the biggies are Yahoo’s Search Marketing or Google’s Adwords.

If you purchase a Google Adword advertisement, your position in the listing is determined by the equation:

PI = CPC * CTR * text relevance of ad * history of keyword factors * other
where:
PI = position of your ad
CPC = cost per click
CTR = Click-through rate.

In other words, three of the five facters are determined by Google.

With Yahoo, I could buy a specific position. If I wanted to be #1 for a specific keyword phrase, I could purchase (or actually bid to purchase) that particular slot. Moreover, I could promise a client a position based on what they wanted to purchase.

This advantage is illusionary, however. First, I noticed that the advertisements on CNN (which are Yahoo ads) would often have a company at the top that had questionable ethics. In other words, regardless of their ethics a company could purchase the top slot. As a result, I realized I couldn’t trust any of Yahoo’s advertisements. The free or organic listing was more trust-worthy. With Google, I could drive a top position for my advertisment with little money if I had the click-through rate. In other words, with Google David could slay a Goliath.

Moreover, when I use to buy my ad Yahoo gave me 190 lines for the ad versus the 70 lines Google gave me. Yahoo only gives you 70 lines now.

The conclusion here (and Penny Marshall, a top Pay-per-Click expert agrees) - go with Google’s Adwords.

Links to your site are important for that web traffic, but are important in two different ways: building search engine traffic and simple referrals.

Search Engine Traffic
A link into your site from a popular site is useful for positioning you well in the search engines if it is a text link and contains important keyword phrases. Redirected and dynamic links, JavaScript links, and links with the nofollow tag won’t help you much if any, for positioning in results. Links from spamming sites won’t help you, and I don’t trust any Flash links to help me. If the linking text coming in (anchor text) is your company name or your name, it won’t help much unless you are General Motors or some other branded text. Links from images won’t help, either. No anchor text with images.

Most directories can’t help much as they either link from your company name or it’s a redirected or dynamic link, with the actual page results determined when the entry is pulled from a database.

What you really want for good search engine positioning is links from trusted popular sites. Links from .gov or .edu sites are good as they are almost always trusted. If you can figure out a trick to get news on CNN or AP, you are going to get lots of traffic.

Referral Links

Links from most directories and blog postings won’t help your position in the search engine results much, but are important because they may have high traffic and can often refer traffic directly to your web site from their link. Anchor text isn’t that important. A few exceptions are directories like DMOZ (free) and Yahoo ($299/year), which give you a trusted link.

Conclusion

So the question really comes down to how you want people to come into your site. If they will be using the search engines, work to get good links from popular and trusted sites with anchor text that has your keyword phrases. If they are coming in directly from other sites or blogs, put a strategy together for getting your traffic in from those. For example, created a blog swarm by interacting with hundreds of blogs and commenting on the related topic, pointing to a related page on your web site.

For getting high traffic, web sites and blogs involve different strategies.

If you are using a web site to sell your ideas, visions, or services you will probably find that most people find your site using the search engines. This means positioning well in the engines on your relevant keywords. This positioning, at least in Google, is primarily controlled by the number of links from quality and relevant sites into your pages. Your basic strategy for high traffic, if your site is designed properly, is to build up these links coming in naturally over a period of time. Our SEO book can give you good strategies for that.

For using a blog, the strategy is different. Your goal is to build a blog swarm, or creating energy in a number of related blogs, that point to your blogs postings or web pages. A blog posting can link to your web pages or another posting or your web pages can link to a posting. The blog has to be dynamic, be edgy (to invite comments). In addition, you have to go out to related blogs and build energy on your topic there. Our blogging book details the strategy here.

Don’t expect to see a high PageRank on a page your blog points to or many other blogs point to it, but do expect to see a lot of traffic. If you have your blog properly installed, when you update it the blog “pings” the blog directories, letting everyone know you’ve updated your blog. Moreover, people can subscribe to your blog and get your updatings. All of this is automatic and dynamic. When you blog, information gets to interested users quickly. Updating a web page means a user gets it on a result page after Google has indexed it again - which can take days or months.

Let’s take an example. We put a page on our web site about some major problems we see with Vonage. Next, we searched on Google for blogs on related topics using phrases such as vonage +”customer support”+ +blog. Next, we uses the returned results to find blogs discussing vonage problems and entered our comments as a part of their discussion, with a link to our page in each comment. We kept going - must have gone to over a hundred blogs and commented. As a result, there is a swarm and the Vonage page on our site is one of our most popular pages. It really doesn’t have any PageRank, as it is almost a gateway page. Yet it has high traffic. There is a caution here. Blog comments should be related to the topic for which they are posted. If you do anything else, it’s consider blog spam

From FORTUNE magazine:
Microsoft, Google, Yahoo! and Cisco came under sharp attack from leaders of Congress and human rights advocates for aiding China’s efforts to censor the Internet and punish dissidents. Seems like profit is more important to them than Freedom of Information. For more information, see Tech Under Attack

Or see the difference yourself. Search for tiananmen in http://www.google.com and then again in http://images.google.cn.

So you just got a new computer and you want to load all of those cool free programs that are almost essential now. The Google Pack makes it easy. Good provides a downloader proggram that automatically retrieve and installs all of those free programs you need:

• AntiSpyware Ad-Mail

• Adobe Reader 7

• Mozilla Firefox

• Stream-reading RealPlayer

• Norton AntiVirus (6 month demo)

You can choose to load any or all of these. The package also includes the Google Desktop, which includes (also free):

• Googke Destop program

• Picasa - photo manager

• Google Talk

• Google Toolbar

• Google Earth

To install Google Pack you download the Google Updater.

It is currently only available for Windows XP. If a utility is already loaded on your computer, it will not load it again but may update it if necessary.

To learn more, go to: http://pack.google.com/
Watch for its availability soon - at least we don’t see the downloading button now.

Google watcher John Battelle comments on Google Pack:

Google Pack strikes me as an obvious play for Google, the company has made no secret of its intention to poke Microsoft in the eye from time to time. And honestly, they are right - setting up and maintaining a PC is a right pain in the ass. I very much hope this thing works, and plan to try it out on a new PC Federated Media is buying this week. (More on Pack here at SEW).

I spoke to Marissa Mayer about Pack, and she had some fun stuff to say about it. I noticed no version of Open Office in the Pack, and she reminded me this is just the first version of the Pack, and since it updates itself automatically, why, there might be Open Office in an update shortly. They are in active discussions, I was told.

Pack, if it becomes popular, will bring a whole new set of users to Google, mainly because it includes Toolbar and Desktop, which of course means more searches, and more data, and more money for Google.

“We realize software distribution will have to become one of our core competencies,” Mayer told me.

“Some of (the applications in Pack) will result in increased revenue to us,” she also noted.

Well, I asked, might you ever include Microsoft products in a Google Pack? “If they are interested,” the ever on her feet Mayer responded, “we’d be more than willing to discuss it with them.” Over to you, Mr. Ballmer….

Some of you have noticed that our black list of spammers doesn’t work at the moment. If you want to hack these IPs at the moment, just email us from our contact form and we’ll email you the ACCESS file. Meanwhile, here is what happened.

The black list is kept on a local database on our Windows 2000 system and it drives a MySQL database on the Linux host using a MySQL driver 3.51. We recently updated our Windows 2000 SP3 to SP4 and got all those security fixes installed. Now the SQL driver doesn’t work. Yep, I uninstalled the driver and ACCESS and re-installed both. The error message when we try comes from ACCESS is that the OBDC call failed. It use to work. No additional messages. The system is a Dell workstation. Dell has no clue as to what happened. It is, of course, a Microsoft problem. Microsoft wants $245 dollars to tell me what happened. That’s more than my Windows 2000 cost. And what they will probably tell me for $245 is to reformat my disk and reload Windows and all my programs. (Yes, our data is all backed up.) I’m willing to bet the register is corrupt and that is the problem.

Do you want to know why Microsoft has all the security problems that it does? It isn’t the number of Windows systems out there, but rather the register design. Vista won’t help Microsoft unless they are serious about fixing Windows, and Microsoft has lost trust on that.

Summary
To quote Cringely from the 1/9/2006 issue of Infoworld:

Desktop Linux is looking more attractive every day.

Our host system is a Linux. We couldn’t afford to run our web site on a host that crashes like Windows does. At the desktop level, Microsoft is now competing with Linux, Apple (now using Intel processor chips), and soon GoogleDos. Why should I have to pay for a Microsoft problem, such as my ACCESS problem?

The answer, I would think, would be for Windows’ users to rise up with a class action suite. This was suggested in Inforworld 1/9 by Dave Rosenberg. When do Windows’ users get compensated for Microsoft’s mistakes?

Meanwhile, we are loading the SQL driver onto another system and hope to have the black list up again soon. Our responsibility is to our clients first, so this is considered non-productive and may take some time yet. Please be patient or ask us to email the database. We’ve sent a printout to the FTC, but the Administration and the FTC are pretty dead the next few years.

Adding Darcy to our home page and giving her a special Darcy page increased our web traffic initially by 300%. It’s now more like an increase of 200% over early November. Quite a respectable increase.

On our ministry blog, the blog there is really driving the traffic, which has increased by 50% since October. It’s hard to see the corresponding traffic increase on this business blog, as there are over 800 pages on the site and many people come in from other areas of the site. The city crime mapping and charting on this site, for example, is a VERY popular area. There are a lot of external links in the search engines to that area, so we see the resulting traffic.

We can put Darcy or a blog on your own web site. Let us know if you are serious about wanting more web traffic.

Our spam load has increased dramatically during the last few weeks in spite of spam filters on our host and system. We trap the IPs and domains of spam hosts and load them to a database. This is our black list, and is available and uncopyrighted at http://www.creatingnewworlds.org/stopspam.cfm.

Note: This page is temporarily down. We upgraded our Windows 2000 from sp3 to sp4 and lost the driver that updates the MySQL database in the process. We hope to have this page back soon. The local Access file is still being updated during this time.

The government is doing very little. We just mailed our end-of-year copy of this to the FTC, President Bush, and one of my senators, Senator Ron Wyden. We’re giving them a few suggestions. Here is Senator Wyden’s copy of the letter. Then we’ll tell you what you can do:

Re: Failure of CAN-SPAM Act

Please find enclosed a listing of the spam reaching my system that is illegal or fraud. The FTC is supposed to be finding these and stopping this using the CAN-SPAM act, but it is obvious that the CAN-SPAM act is a total failure. In fact, looking at this indicates that their recent 100+ page report on the FTC “success” with the CAN-SPAM is spin, not facts.

As the government has failed to stop the spams, we are putting the domain name and domain name of spam that reaches us online in a public database and encourage hackers to destroy the IPs and domains. The IP, then, becomes dead for whoever uses it next. That is the only alternative we have at the moment. The page, located at http://www.creatingnewworlds.org/stopspam.cfm, has a very good PageRank of 4 on Google. We blog the page. When we get a gripe or someone threatening to sue, we send their illegal email to their state attorney general (when they are US based) and that stops them. We’ve had no foreign complaints. As other people do this (which we encourage), there is an erosion of available IPs. Spam has to be stopped at its source.

In my world, if I had employees at the FTC with this level of failure I would fire them. Failure to do this puts the responsibility of the failure directly at the commission of the FTC and on the President, to which the commission reports.

Here are some suggestions I would encourage you very strongly to make:

1. Raise the current fine level to finance what needs to be done. Germany charges $65,000 a spam. (This probably requires an act of Congress). Without the proper resources and if doing nothing, you are sending a message that the government (Administration and Congress) is owned by the DMA. Is that the message you and the President want to send?

2. Enforce the fine. They break the law, they pay the fine. No nice talk.

3. Return a portion of the fine (10% split between whoever reports the IP) to the people reporting the spam to finance their processing.
4. Hold accountability at the FTC. Fire when people aren’t doing their job..

I will be blogging what the FTC, the President and Congress does. This letter is in a blog posted at http://www.netadventures.biz/wordpress.

What You Can Do
Here are some suggestions on what you can do.

• Build you own black list of the sites that the spam email points it. We put some email addresses in our database for sources of the spam. For example, if the spam tells you to go to http://www.thisdomain.com, then put that domain and its IP in the database.

• If you want to include the host systems IPs and domains of where the email spam is coming from, we have a $15 dollar paper that shows you how to read those email headers. Certain lines in the header can’t be forged. The paper tells you where and are and how to use them. Order from our store.

• Fire your listing off to the FTC, the President, and your senators and representatives. Remember some of them are up for election next fall. Don’t try to blackmail them with your vote. they are already running scared - or should be. Don’t be a one-issue voter next fall, but hold your senator and representtives accountable.

• If someone complains about being on the list and they are in the U.S., send the information to the state Attorney General where they reside. Keep your spam email so you can send that to the Attorney General. We never get complaints from foreign hosts.

• Know the CAN-SPAM Act so you can tell when they violate it. Use the Federal Trade Commission’s web site to find that.

• Hack the spam hosts if you like. They are already illegal.

Have fun. If you want to use our ColdFusion program on stopspam.cfm, go for it. Look at the source code and copy and paste into a page on your site. Change the database pointers to your own web site. Change fields as necessary. We just put the IPs and domains in a local Access database and then upload it periodically to the MySql database on the host. Very simple. Check with your host on how to do this. Change hosts to our host if they can’t