David,

Many of the blogging systems have plug-ins that you can drop into them to prevent comment spamming. I would consult your propeller heads as to what the best plug-in would be.

Regards,

Bruce

most other moveable type sites I read have login or other robot-blockers ("type in this number, etc.") I think it's version 3.16?

One thing I've seen used recently is replacing blog comment forms with a flash movie that performs the same function. Since few blogspammers can currently rip open a flash .swf to expoit, the procedure is pretty bullet proof (for the time being anyway).

Details of one approach to this are at --

http://www.jessewarden.com/archives/2005/05/flash_as_captch.html#comments

Hi David,
I use WordPress, which allows you to blacklist words, as well as comments with more than a certain number of (specified by you) links. WordPress even has a nice list of terms to block to get you started. I don't know what software you're using, but if you can't blacklist words, you might want to switch to something else. I haven't had blog spam in a few months.

Hi David -

I installed MT-Blacklist, which did an OK job of blocking most of the spam, but a lot of the automated stuff still got through. Last week I installed MT-keystrokes, and it appears to have completely eliminated the automated comment submission (well over 99.9% of the stuff I was manually deleting). I wrote about it here; it's made a world of difference in managing my blog.

--Rick

Blocking by IP address is likely to be an exercise in futility. According to sources like Bruce Scheier, much spam these days is distributed by "zombie" machines - PCs that have been taken over by viruses, worms, or spyware. These zombie machines will have as many different IP addresses as... well, as many as there are. The most effective way to fight comment spam is to require your users to register, or to turn off commenting altogether. (Unfortunately, it's hard to separate the baby from the bathwater.)

Not sure what blog system you are using but I the one I there is an option to auto-delete any comments which use a banned word. Once you get the banned words list built up with the obvious junk it can be quite effective.

David --

Yeah, talk to Eric. There are systems out there to verify that the commenter is a human rather than a spamming program. They should be "set and forget" systems.

However, you know what happens when someone builds a better mousetrap -- Sooner or later, someone builds a better mouse!

Since you're using Movable Type for your blog, I highly recommend a plugin called SpamLookup by Brad Choate, one of the programmers working for Six Apart.

Since installing this plugin back in April, the time I've spent dealing with comment/trackback spam has effectively dropped to zero. It works well "out of the box", but if you add some common keywords to the Wordlists (the casino related ones in my case), it will take care of almost anything thrown at it.

Best of luck!

Considering the popularity of this site I'd probably implement a CAPTCHA (those little images with funny-looking numbers and letters that you have to type to post.) I'm sure there's a plug-in for MT to make that easy.

Hi David,

Seeing as you're using Movable Type - I'd recommend to the so-called "propeller heads" that they check out the MT-Blacklist plug-in for effective spam control.

http://www.jayallen.org/projects/mt-blacklist/

- Sean

MovableType has plug-ins to do deal with spam but they still require user interaction. I used to use MT-Backlist but that was more work than just deleting comments.

I think the only thing that has helped me has been turning on the Typekey sign-in. In the last three months, I have only gotten 1 comment spam.

Another thing you might look at is what sites are you pinging? The only one worth the time is Technorati, the others just bring the spammers.

Consider requireing commenters to include a made-up word/string in comments (eg. FLARB) and use a filter that only allows though comments with FLARB in them. It will foil auto-spammers.

David, Do what you have to do but please don't "nix the whole game." It's too valuable to too many people.

Ditto. Most of the major blog tools have filters and plug-ins to assist. In some cases, they might need to be "trained" a bit.

Personally, I used to get a lot more of it (knock on wood), but it's minimal and manageable at the moment. Occasionally, someone slips past and tries making a run. Comes with the media, sadly.

I hope you don't give in. There's plenty of resources out there to assist.

Regards,

Brian

Thanks for the input. I apologized a minute ago interally to Robert and Greg, not spending time yet with them on the front end to discuss the resolution before I blasted, but great to have all of your perspectives. - DA

i may not say much (i know you know and all that), but right now i will say this is the only blog i look at every day. and it's the only one i refer folks to.

take away the comments deal if you you must, but please don't take away your shared wisdom and musings. xo

The best place to start is probably the Six Apart Guide to Combatting Comment Spam, from the developers of Movable Type. I've linked directly to their specific recommendations for MT users.

David,hello from Japan and many thanks for your useful books. I have seen on blogs of Anita Roddick (Bodyshop), and some other well-known people that they require people to register to post any comments. Maybe it's the way they use to protect themselves from spam?

Regards

I'll inject one more comment here - we have MT Blacklist installed, which helps considerably -- though what really stopped it completely was programming the backend to reject any submission that didn't come from a "referrer".

Which means if they didn't physically sit and click a link to "add a comment" - they don't get through.