Shelley Powers: In the meantime, here’s a surefire
method of preventing comment spam
WOW. Every once in a while somebody steps up and
concisely states something that, in retrospect, should have been so
blindingly obvious that you have to hit yourself in the head and
say "why didn't I see that before".
This is one of those times.
Spammers aren't going to spend their precious time checking to
see how you have implemented nofollow. Despite having
implemented nofollow on the Atom wiki, spam attempts continue to
But spammers will seek out those with precious pagerank
and focus their efforts there. Most spam attempts are
preceded by google queries for words like add your comment
and edit this page.
So, the surefire way to eliminate comment spam is to drop
out. Not just from Google, but also from Technorati tags, and no
advertising by pinging weblogs.com or equivalent either.
So, the question is: what's worth fighting for. For
Shelley, it is
comments. For Gordon, it is
links. At the moment, I tend to lean towards Gordon's
point of view. To be fair, Shelley provides
similar support on her blog, and is experimenting with
Meanwhile, if you are using IE 5.5 on Windows 98 and you
provide a referer, don't bother trying to post to the Atom
wiki. You are not worth fighting for.
Hmmm... but if Google does not find your page how will people get to your blog?
Pinging weblogs.com and friends is still surprisingly cost-free. I accidentally pinged from a test setup (I didn't know WordPress comes loaded with the hammer cocked), and that single entry has been getting just one spam comment once a week ever since. Silly spammers, not using such a wonderful tool we've built for them.
Why use the obvious "words like /add your comment/ and /edit this page/"? Think of something more original for the link, use unusual names for form fields... seems to me that'd make it much harder for spammers.
Anton - that actually was the point. There is more to life than popularity.
Dare - if you send me some details (like time of day, what page you were trying to access), I will look into it. That shouldn't be happening. And the block on that particular version of IE with no referers is only on POSTs to the wiki.
Jason - I get much more spam on my wiki than on my blog. The word that people use? Wiki. It looks like Atom dropped off of the front page of that particular query, but I can tell you that spammers will go through dozens of pages. Some try to be clever and post something remotely on topic and reference a "blog" that appears outwardly normal, but you can trace back to the query that they issued and see comments within minutes on the weblogs that appear just before or after yours on the query.
Julian - some spam is automated, much of it seems to come from eastern block countries and even the far east. Until recently, all of the spam on the wiki was manual. Now somebody seems to have created a new toy, one that exploits proxies and drones. That's the one that I am targetting with the match on user-agent and referer.
Could they get around that? Definitely. But if they were smart enough to read this post, they would be smart enough to realize that with nofollow there is no value in what they are doing. But as we all know Spammers don't read blogs; they just write to them.
Sorry. When I said "retirement" I was simply referring to your blog. My internet bloodhounds have detected your tracks in cyberspace.
As Sam said, most is automated. We in wordpress land are getting hammered nicely because we're the new MT I guess. As for any novel spam prevention technique. Once it gets distributed widely enough a new tool will be constructed to take advantage. If it's low barrier for participation is will be low barrier for abuse.
Rumour is spammers don't just read blogs they apparently have them too
In the case of auto theft, crime never goes down, it just disproportionately affects those without Clubs, until everyone has a Club, theft still hasn't gone down, everybody's out $20, and we’re all back where we started. In the case of email obfuscation, harvesters never go away, they just disproportionately affect those who don’t obfuscate, until enough people obfuscate that the harvesters get smarter, everybody's wasted a lot of time, everybody's email is still getting harvested, and we're all back where we started. In the case of comment spam...
Dougal: don't worry about it, and no, there is currently no way for you to control which links are nofollow.
Anil, I fully expect that there would be a market for walled gardens. I am not part of that demographic. I participate in enough such cloistered environments in my life - this space is where I get away from all that, and in the process get exposed to fresh ideas and insights.
Dare: If we look at the comment thread so far, exactly one is on my current IM buddylist.
Actually, to try to redeem my snarkiness with something useful, I think the ideal is not a walled garden but an ACL with an entry for "everyone". I use the close friends I first met as random blog-wanderers as the justification for keeping my site as open as possible, too.
I'm wondering, though, how much search engine discoverability is a factor in serendipity. I'd suggest it's at least one of the raw elements required for manufacturing, at least as we've known it thus far. And I haven't seen anything lately that would take its place, but perhaps that's been for lack of incentives to create it.
A (fake) captcha is sufficient to prevent automated spam. It blocked off 100% of the spam for me, and I didn't have to suffer installing all the graphics libraries on a webserver. My personal beef with spam is that like graffiti, it inconveniences the reader. Even worse, it reflects badly on the blogger because he is not keeping his weblog tidy.
Comment on My year in 12 copy-and-paste comments by: Mark
January Pedants! February I’ve been active; you’re just not looking in the right places. March “It looks like you’re trying to view a web page with images. Would you like the Web Browser Assistant to prompt you for each...