Home Messages Index
[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index

Re: Why Comment Spam Can Never Be Stopped

Roy Schestowitz wrote:

- Logging on before posting is a process tedious enough (from the user's perspective) as to result in no comments at all.

If they want to make a comment, they will - whether they want to log on or not. Sure, you may lose a few users. But you can also use cookies to automatically log the user on. And I have my browser (firefox) set up save userids and passwords for several sites.

- CAPTCHA likewise, but it also appears ineffective. Have a look at the


Read it again. A *few* captcha's have been broken. But some will probably last a long time before they're broken.

-IP blocking is not a possibility. You may end up blocking too many benign
visitors (see Dougal Campbell on spam). Spammers have gathered and
capitalised on many unique addresses by now.

Possibly. Depends on who you want. Most of what I see, for instance, comes in through China, Korea and South America (probably open proxies). You can block them if they're not part of your targeted audience.

-"All comments blocked if URI is contained within" - well, what about the
URI of the commenter's homepage? I currently have a limit set to at most
one URI. URI (or URL if you prefer) is the motive for most when leaving a
comment in the first place.

Then it's blocked. If they really need to post a URI, they can fudge it such as "www dot example dot com".

-Moderation - people dislike being put in a moderation queue and it still
involves filtering work by the webmaster. I currently add to moderation
queue anything that matches a sensitive word. The spammers are now hitting
with different encodings, which requires yet another 'upgrade'. It simply
isn't worth the investment (time).

Yep, as soon as you stop one way, they'll find another.

I sometimes think to myself: how long will it take to develop a 'serum' to
x? If I tolerate x, how much effort will be spent 'tolerating it' over the
timespan y? I learned from experience that for any x, soon will emerge x_1
and x_2 and x_3 where x is yet another hack that the spammers find (e.g.
trackback spam, encodings, proxies, long intervals between posts)...

As soon as you develop a serum, the genetic code will change and it the serum will no longer be effective.


You've come up with an argument against every proposed suggestion. Well, you can't have perfection. You aren't going to be able to keep the spammers with no moderation and no impact on your users. You need to figure out what YOUR trade-off is. From your arguments, it sounds like you're not willing to have any.

Remove the "x" from my email address
Jerry Stuckle
JDS Computer Training Corp.

[Date Prev][Date Next][Thread Prev][Thread Next]
Author IndexDate IndexThread Index