Comment Spam Solutions

by john on September 4, 2003

Many of us running weblogs have been hit by comment spammers in the past but it seems like it is really starting to ramp up. One particular spammer, vig-rx, has been particularly persistent. Burningbird says he is using Google against us.

The simplest counter-measure is to ban the IP the spammer uses. Of course this is close to useless as they tend to switch IPs every time the run a spam. You also run the risk of banning an entire site rather than a single PC and that clearly isn’t what was intended.

For email I’ve always thought a white list approach would work the best but that wouldn’t work for a weblog. Simon Willison is taking the approach I would choose by Blacklisting comment spam. Adrian Holovaty takes the same stand but firmer saying Die, comment spammers.

I think the long term answer for this is web services. Web services is a solution looking for problems and here is a classic one. Someone like Simon or Adrian (or more interestingly, an anti-virus company) could build a simple server that responds with a simple yes or no when queried whether a site appears on the blacklist. Would be very easy to build that and would be extremely effective if promoted properly. I say it should be an anti-virus company because I don’t think there is a revenue model that is attractive for this other than generating good will, but I could be wrong.

In any case I’ll just continue to delete the comment spam as I get them and wait for someone to build that web services solution.

{ 11 comments }

Chris September 4, 2003 at 8:00 am

MT needs one of those image to text anti-robot things like vB, paypal and ebay use.
I’m going to head over to MT and suggest it.

Elaine September 4, 2003 at 10:19 am

except that those are a major accessibility nightmare. (this just came up yesterday (?) on Mark Pilgrim’s blog: http://diveintomark.org/archives/2003/09/02/microsoft-web-services#c003786 etc.

Ken MacLeod September 4, 2003 at 11:15 am

Two risks already common to real-time blacklists (as used for email today): 1) requires human review of blacklisted entries to prevent abuse, and 2) ofttimes the policies are vague enough that abuse is still possible.

That’s on top of the risk that a blacklist based on IP addresses or address blocks could affect innocent users. One based on “identity” would be much more effective.

Trust and referall networks act like combined white and black lists.

I created a Pie wiki page to start gathering information on the subject, http://intertwingly.net/wiki/pie/CommentAuthentication

Noel D. Jackson September 4, 2003 at 3:46 pm

Actually it’s Ms. Burningbird. Or Shelly “Burningbird” Powers.

Elaine September 5, 2003 at 10:30 pm

I think the “he” referred to in the sentence “Burningbird says he is using Google against us.” is the spammer, not Shelley. as in:

“Shelley says that the spammer is using Google against us.”

Brainstorms and Raves September 6, 2003 at 1:25 am

Friday Feast #58: RSS Validator Update, Check Your Sites, Comments Spam

Today’s Feast covers ad-blocking software, a new domain for the RSS feed validator, and a fun collection of typography-related photos to browse. Happy weekend, everyone.

Jay Allen September 27, 2003 at 6:39 pm
Paracelsus Rambles October 14, 2003 at 12:29 am

Comment spam

I should have seen this coming: comment spam. A bot posts a meaningless comment to your blog and leaves behind

Paracelsus Rambles October 14, 2003 at 7:11 pm

Comment spam

I should have seen this coming: comment spam. A bot posts a meaningless comment to your blog and leaves behind

Chui Tey October 14, 2003 at 8:22 pm

How about a Java Applet implementation of hashcash to combat comment spam? Obviously,
the people who are using Lynx will be affected, but my guess is this is a small minority.

Cero Spam March 15, 2006 at 4:44 pm

Hi,
we are testing a new free form-protection service (http://www.cerospam.com.ar), for blogs and for any kind of web site. It is easy to setup each form with this system, and it is very useful for protecting comment forms from spammers.
It is based on captcha method. Until now it seems to work fine. No matter what kind of blog software you are using, this is not a plugin.
Please, test it and do not hesitate to send us your comments!
Thank you.

{ 2 trackbacks }

Previous post:

Next post: