The war against comment spam

There is a surge in posts about comment spam, and this vitality is a good sign as long as solutions and advices keep coming quicker and stronger than comment spam itself. Here is a focused tabs dump:

  • Adam Kalsey, in his Comment Spam Manifesto, declares war: "You’ve picked a fight with us and it’s a fight you cannot win."
  • The same Adam, in Cutting comment spammers off at the knees, explains how he shut down a spammer's ISP account. Don't miss his followup Spam Talk!
  • Joseph Duemer has sent an invoice for advertising to a spammer. Brilliant! In litigation-happy America, money is the ultimate weapon, let's expect more of the same. Joseph led me to this wonderful post from Otto, where we see that we can have a good laugh at spammers.
  • Up in arms at Stentorian, you'll find tools and advices to track down spammers (Windows-centric but Mac OS X provides all those tools as well). Speaking of tracking weapons, check Sam Spade as well.

There are also some discussion growing about blacklists. Kimbro would like to know if there is a central repository of blacklists. Roland Piquepaille explains why, in his view, blacklists are a bad idea. Ditto Ito ;-) who writes "I know I use a blacklist for my comment filtering. It's a stop-gap measure until someone figures out a better solution."

After I caught yet another comment spam on one entry today, I discovered that there was another spam previously left on the same entry. How that old spam escaped my vigilance got me wondered about the reliability of my current comments email alerts. Many things can get wrong there (the MT script may fail just before sending the email, the email doesn't reach my mailbox, etc.). MT-BlackList is on my to-do list, but the padawan is waiting for the Masters to see if they break their laser sabers with it first.

Despite Roland's story, I have the intuition that a central repository of blacklists would be efficient. I would love to see a system -- with safety barriers to prevent stories like his to happen, or at least be fixed in a timely fashion -- where as soon as a spammer hits one of the vigilantes' weblog, all his further attempts are automatically defeated! Wouldn't it be "Hell Frozen Over" for real?


I guess spammer are using specific post settings, for MT for example.

I don't know how coment-spammer proceed, but could it be possible to change the fields' name in the HTML form element ? (So that automatic post can't work)

Or just add a picture-based checking like what Yahoo does when creating an account. It should not be difficult to code an addon that generates a picture and check a corresponding input field. It's not very user-friendly but it could be a better measure than using black-lists...

What do you consider spam ?

It's in the comment policy.

Very interesting, I think I recollect something like that in the past, I'll have to look after that.

mensuelles Archives

Recent Entries

  • Steve Jobs

    "Remembering that I’ll be dead soon is the most important tool I’ve ever encountered to help me make the big choices in life. Because...

  • Your privacy on MOTOBLUR by Motorola

    After the Nokia Ovi Store carelessness, it's now Motorola who's allowing strangers to get access to your private information on their MOTOBLUR portal. Exactly like...

  • How to resume a broken ADC download

    (I'm documenting this trick for myself to remember, but it can be useful for others…) Apple, on its Apple Developer Connection site, has a bad...

  • WTF is this ‘myEventWatcherDiv’ doing in my web?

    All of a sudden I started to find the following line in most of the web pages I was browsing, including ones I made where...

  • Your privacy on Nokia Ovi Store

    My friend Adam Greenfield recently complained about the over-engineering culture at Nokia: I was given an NFC phone, and told to tap it against the...