Won't work. I spent a couple months using "block host" on the fake ipod search results whenever I saw them. After that time I hadn't made a dent in how many of them showed up. Whoever's behind it has apparently got multiple host machines in multiple regions, each of them connected through an ordinary ISP, rather than using a central server farm on a commercial connection. The result being they come from a dozen or more machines each of which has a dynamic IP address in a different range from the others. Unless you block whole swaths of the Internet, you can't keep out the damn ipod spams. And to top it off, not only is it much harder to block because they are running their scam from a handful of ordinary office computers on ordinary home user broadband connections, it's probably also actually cheaper than if they had a "proper" commercial server farm and a "proper" commercial network connection with a stable IP for each machine, too. :P

RIAA snoops are also impossible to keep out. They'll all have connections at home with various IPs that change from time to time, and you can bet they'll use those or even resort to cyber cafe surfing if they can't get the goods on illegal sharers from their work connections.

Other spammers besides the ipod spammer don't even rely on spoofed search results but instead distribute mislabeled or mutilated files the ordinary way. There's no way even in principle to distinguish those from legitimate sharing, except file fingerprints, and Limewire doesn't have a way to block certain file fingerprints for some brainless reason, it can only block by host or by keywords in the file name.

Even the ipod spammer doesn't rely entirely upon spoofed search results. I avoid them -- they're really quite obvious -- but I still get the odd ipod JPEG that must have come from a seemingly "normal" search result and I still see (but avoid) the odd abnormally small WMV that doesn't have a zillion T1 sources and a filename identical to my search. Apparently there's a second method of dissemination, probably by simply configuring each of their machines to not only generate spoofed search results, but also to have a handful of spams that are shared "normally", i.e. they are simply given various names that will match popular searches and stuck in a shared folder.

And since the jpegs (unlike the wmvs) are a perfectly typical size for legitimate files of the same type, there's no way to avoid them, short of the brilliant suggestion someone posted earlier in this thread of showing dimensions instead of bitrate for the right hand column when doing an image search. All the ipod jpegs are the same odd size, 356x598. I've never seen an image that size that wasn't bogus. (Even file fingerprinting won't keep them out. There seem to be dozens of different versions with slightly different sizes and even sometimes different host names in the spam -- all no doubt aliases of the same server somewhere run by whatever fly-by-night somehow has the resources to operate physical assets in multiple cities. No doubt the multitude of variations is precisely to defeat attempts at filtering them out by hash. Unfortunately, this means they would probably start varying the image dimensions too if 356x598 jpegs started routinely being filtered out by the major p2p clients.)

Host filtering simply is not a viable solution to the problem of bad actors. Snoops can only be dealt with by some sort of secure anonymization scheme. I don't see that coming to gnutella anytime soon. If you want that use freenet or something -- it actually doesn't perform any worse than limewire. They're both huge bloated java apps that consume hundreds of megs of ram and are sluggish and semi-broken. Bad actors whose misbehavior is in what they try to push on you rather than what they try to catch you doing are a simpler matter. Their bogus files are as easy to vary as their IP addresses, however, so the only ultimate solution is better Bitzi integration. We need to be able to preview media files of all kinds (not just music) inside Limewire and right from in the previewer, delete and vote down files we consider to have been misleading. Not go to some slow and cranky Web site to do so, or to check whether a search result is ok. Nobody is going to do the Bitzi lookup menu thing for every single search result before downloading it -- not when every such lookup involves a sluggish web browser startup (during which LW doesn't respond) and then a slow page load, usually resulting in a "Bitzi fingerprint unknown" at the end, along with the usual assortment of annoying flashing banners and popups that were the chief culprit in making the whole process so slow and are utterly pointless since everybody completely ignores such trash now anyway. The rating should be indicated as part of the result quality. In fact, as far as I can tell the current result quality indicators are meaningless and can go to hell anyway. I've seen four star results languish forever in queue or "awaiting sources", had a whole bunch of intriguing one star results download in seconds so rapidly that Explorer crashed trying to redraw the download folder's window while it was in the middle of redrawing already, and the "new" icons? Forgeddaboudit. If I select a bunch of files and hit Download, limewire's UI freezes for a bit and when it recovers, half of them are now folder icons, half are still stars, and half are torn paper. All of the latter two category are sitting, intact, in my download folder (yes I have broadband), so where are the green checks? Green checks meanwhile frequently appear beside files I not only don't have, but have never heard of, and turn out upon downloading not to be duplicates under unfamiliar names either. Torn paper appears beside files that were corrupt, files that downloaded successfully, files I just plain don't have, and files that are in progress. Folders are likewise inaccurate -- maybe half are files downloading or queued; the others are files I already successfully downloaded but whose icons didnt change to green checks. And if anything the recent beta makes them even more inaccurate. If they can't be gotten right, best to trash the whole lot and replace them with Bitzi rating information. I suggest a faux-digital-readout bar as long as the current four-star icon, dark red at the left end, through yellow to dark green at the right, and the bars light up from left to right based on the file's rating. If it's deeply in the red it's probably bad as it's had a lot of negative votes. If it's well into the green, it's probably good. A ? icon can appear for files with an "unknown bitprint". And you can be encouraged to download the file and then rate it from the previewer I suggested above, so that when the spammers change their files to try to evade filtering, the new version of their spew has a strongly negative rating instead of a ? in a matter of hours. (Actually, it's likely to start out with a small positive rating. You don't think they won't try to stuff the ballot box do you? But there's only a few of them, and many of us, and even if they have access to a shockingly large number of unique IPs, we have access to ALL OF THEM and can therefore still outvote them. Unless they subscribe an account at every ISP in the world and hook up one computer to each, which would surely bankrupt them, their votes can never outshout ours as long as we can make ours quickly and easily the moment we are pleased -- or displeased -- with a file. And if they have the resources to actually operate a branch spamming office in every city in the world, each with a dozen or so PCs, one for each local provider, then we're screwed any way you slice it, since they're obviously the government or the Illuminati or the aliens from War of the Worlds or something of the sort.)