The past couple of days, I’ve been getting deluged with comment spam. Fortunately, WordPress prevents virtually all of it from showing up where anyone can see it but me. That’s still unacceptable. I’m getting ready to have my blog automatically trash any comment that mentions “poker” or a pain medication other than aspirin. You have been warned. ;-)
As a stopgap measure, I installed lr2Spam by Anton Olsen. After activating it, I successfully left a test comment (and then deleted it). We’ll see how it works for the rest of you…
If you have problems publishing a comment on my site, please contact me.
Comment Blacklist is your friend :) Just add the offending words related to gambling or pharmaceuticals to the blacklist and the comments won’t even make it to moderation. Before 1.5 I used my own hack which checked the comment against a list of words and would die() with a nasty message if it contained any of those words.
Mike, I’m probably going to take your suggestion. Since I installed lr2Spam, two people other than me have commented successfully, so it looks like it’s not stopping the comments I want. I’m curious whether it blocks the spam.
In the past couple of days, I was slammed with about four or five big batches of spam for Tramadol, various types of poker (does anyone really gamble online?), and sex sites. Unfortunately, “poker” is a reasonable word for someone to want to use in a comment, but most pharmaceuticals and sex words could be put on the blacklist.
I wish there was some way to put the spammers out of business. I like the screen saver Lycos was distributed, then stopped. I understand it would generate bandwidth on the spammers sites. If enough people used the screensaver, the spammers could end up with large bandwidth costs. :-D Unfortunately, Lycos determined that the screen saver might have legal problems and pulled it.
Don’t forget to include words like ‘larger,’ and ‘Viagra,’ and the like. I got messages urging me to enlarge my penis every day, until I went for the high-powered spam filter in my MS XP.
Don’t worry about that. I have two lists: the first list puts the comment into a moderation queue (where yours went) and it won’t appear unless I approve it, the second list, or “Comment Blacklist” mentioned by Mike above, deletes the comment without warning or notice. Here are are the words in the first list:
tramadol
adipex
advicer
ambien
carisoprodol
casino
casinos
baccarrat
cialis
cwas
cyclen
cyclobenzaprine
day-trading
discreetordering
dutyfree
duty-free
fioricet
freenet-shopping
holdem
hold’em
incest
levitra
macinstruct
meridia
online-gambling
paxil
phentermine
platinum-celebs
poker-chip
poker
poze
prescription
soma
slot-machine
taboo
teen
tramadol
trim-spa
ultram
viagra
xanax
booker
zolus
chatroom
In a recent issue of one my my science magazines that I subscribe to (Scientific American, maybe) there was an article that described different algorithms people have proposed for fighting spam at the gateway level. The one I found most interesting was having the system give the sender a difficult math problem that has to be solved before the message will be accepted. If you are sending a message to a dozen people, you’ll hardly notice any slowdown. Probably 20 or so messages won’t matter much, either. But if a system is sending a million messages (or some other huge number), the sender’s system will become so slow and take so much of the sender’s resources that they will just about have to send the messages in smaller chunks from several systems at once. The cost of their resources will likely put them out of business, given the rate of serious replies they receive.
There were others, but that’s the one I understood the most. It sounds like a winner, to me.
That might work for e-mail spam, it won’t have any affect on the types of spam that bloggers face: comment spam and trackback spam. Spammer hope to improve their Google page rank by placing links to their web sites in the comments of blogs.
The problem is so severe that some bloggers turn off comments and trackbacks on their blogs. I think I’d rather quit blogging before turning off comments. The two-way communication is a large part of the fun of blogging.
WordPress, the blogging software that I use, is apparently one of the better packages at preventing spam. It has mutliple levels of spam prevention plus user-written plug-ins that can prevent spam using other verification techniques.
Note: I haven’t had any real experience with any other blogger packages (other than a placeholder blogger blog I have; you used to have to have a blogger account to leave comments on blogger blogs).
How is lr2Spam working for you? Are you still using it?
Since I wrote it and installed it on lr2.com and anton.lr2.com I’ve gotten exactly one spam and it was posted manually by someone using IE. They read a few posts then tried to make the spam look real by answering a question in an existing comment. They got stopped in moderation so it wasn’t a problem.
Anton, I think I’ve had one or two comment spams since using lr2Spam. That’s a major success in my book. I haven’t seriously considered using anything else, it’s working so well.
I have an interesting side effect. I have WordPress configured to e-mail me whenever a comment is posted. I still get the e-mails when a spammer attempts to leave a comment, but the text is empty and there is no comment to delete.
I really appreciate your work in developing and releasing lr2Spam.
Are all these tools for auto spammers, i’m afraid they wont work because there are alot of people who just write spam themselves and can easily see past this. Hope this works for you though.
Nice try, Forum. ;-) Unfortunately for you (and your attempt to spam me), I’m able to edit out your URL.
By the way, I have upgraded to Akismet. Its spam blocking is quite amazing.