Need help? Check out our Support site, then


Antil spam measure - a suggestion

  1. Would it be possible to add an extra field to the commenting system that requires users to add a 3, 4 or 5 figure number? The length of the number could be selected randomly and all you would need to do is add 111 or 2222, any number would do depending on the length of number the system asks for. This should not be too easy for spam bots to mimic - especially if it were to be requested after someone has written a comment. Text readers should be able to deal with this too so site accessability would not be affected.
    Any thoughts?

    PS WordPress.com is a great blogging platform!

  2. CAPTCHA has been discussed many times before; it's generally felt that Akismet is superior, and having dealt with blogs using each I have to agree. I find them fiddly and annoying and ineffective, myself.

  3. My idea is not a CAPTCHA system - so no problems trying to read warped characters. I assume that most spam comments are machine-made. I don't think a spam bot would be able to follow simple instructions and be able to distinguish between a 3 or a 4 figure number - whereas this would be easy for a human.

  4. I don't see how it differs from an alphabet-based system, except that it would be simpler, there being only ten integers.

  5. Indeed, it is probably simpler than an alphabet system. That is the point - simple for humans, but difficult for machines. I know CAPTCHA systems, which are based on image files, discourage comments, however simply requiring someone to add 111 etc should not, but varying the length of the figure used should keep automatic spammers at bay - especially if the characters are requested in a new field which is added to the comment form as soon as the submit request is made.

    I guess spammers would be able to adjust their scripts eventually, but I don't know how easy it would be to get a script to identify the difference between a request for a five figure or 3 figure character - and the length of number would change randomly from one post to another.

  6. Well, if WordPress ever does implement this I hope they make it optional, as I don't want to put another step between my commenters and my blog, and I'm not actually finding many real spam comments getting through. I've had five hundred today, and none got through. Do you find this necessary?

  7. Do you enjoy reading through 500 spam comments to check if there is any non-spam there? Or do you just hit the delete all button?

    I just can't be bothered to go through all the spam to check if there is non-spam there (although I do go through the first page) so I'd like to stop the spam being entered in the first place and I have not had many spam comments get posted directly to my blog either. Akismet is very effective, at the moment.

    As for steps in the commenting system, I would simply make the add email address optional - so the number of times someone needs to write would be reduced.

  8. I always hit Delete All. My commenters are mouthy and let me know if something doesn't show up. Add email is already optional, as I understand it, but I like people to stand by their comments so I always include it.

  9. Delete all is OK, but if a genuine commenter is identified as spam and even if they are mouthy, you may never see his or her comments. This could put people off commenting as much as some anti spam system IMHO.

  10. Do you enjoy reading through 500 spam comments to check if there is any non-spam there?

    I do. ~sigh~

  11. I'm with raincoaster. My blog has had 58,000 comments stopped and I'm unaware of a single wrong call - and I have a contact form if they did see it go.

    The test you mention will not be implemented here. Akismet it is.

  12. Good for you nosysnoop - but you must have plenty of time on your hands and not get bored seeing all those silly spam comments which drive me up the wall, over it, and down the other side.

    Some system to block auto spam scripts would be welcomed by may WP bloggers, I feel. There must be a way of telling whether a poster is a human or script being!!??

  13. OK Mark, message understood. I have had several non-spam comments marked as spam, even one from a person who had not had comments marked as spam before, coz the were not.

    Can we all have contact forms please?

  14. The site I mean is my blog on my domain.

    Akismet has zero accessibility problems.
    Any visual system has those.
    What do we do for our blind users? Why should they have to jump through hoops when they might not feel they have a problem. That applies to other users too.
    I have a Typepad key. Will I comment on ANY blog using that stupid method? No - because I can't be bothered to go find the key, copy it, paste it and then write my comment.
    What do we do for people that cannot add, or cannot understand it? Not every user here speaks English.
    What do we do when the spammer cracks that protection? Do we ask for another layer? Do we give up and just not ask for comments?
    Do I want questions like "I did my sums and got it wrong so why can't I comment??" because from emails I get I can assure you I would get one of them.
    What is stopping spammers hitting your blog with lots of random numbers in the hope of scoring a hit?

    If we stop Akismet and use any other measure you can welcome all the orange:
    http://akismet.com/stats/

    This matter has been discussed again and again and again here.
    The answer isn't changing.

  15. "The site I mean is my blog on my domain." - so your comment re a contact form was not really relevant to blogs on the WP.com system, was it.

    If this has been discussed over and over again, then this means people are concerned about it.

    Sounds as though you are talking about giving in to spammers, which is worrying.

    Of course we need to support people who cannot see, read English etc, but this is why forums of this nature exit, to help find solutions to such problems.

    Maybe I am expecting too much from what is a free system and I apologise for this - WP.com is very good indeed. I was just trying to suggest a way of making things better for one and all. I imagine you must get sick of hearing the same old, same old all the time, though.

    I shall crawl back under my stone.

  16. The 58,000 is relevant. It shows that Akismet works.
    The Blix theme has a contact form.

    And no-one is giving in to spammers.

    I am unaware of any blog system that has effective and unobtrusive amti-spam measues that are good enough to the level that people will pay for. Akismet is though.

    And discussing it is fine - but please understand that comment spam is not easily dealt with.

  17. Thanks for the info re the Blix theme.

    Good to hear you are not giving in to spammers!

    I appreciate that it is very difficult to deal with spam and Askimet, as you have demonstrated, does a good job.

    Could we have an auto spam delete function to activate, so don't need to press a button? This would work well with the contact form system.

    Thanks for the input Mark. You and all the other WP.com people are doing great things.

  18. Just to echo, I used to read all the comment spam, but after weeks of finding nothing, I just gave up. I'd like a switch to just nuke it. (Yes, I know it goes away after a while.) I try to diligently look at comments quickly. Since most, more than half, is trash that slipped by, I mark it as such. I hope, but don't know, that the filters will get smarter based on my input. Just my modest contribution to help out. It's an infuriating problem and I can believe anyone buys anything from these bozos. Recently, when I got a spam about "getting a free XXXXX card", I called XXXXX in Chicago and nagged them. They reported back, (I know an honcho there), that they have amended their gift card language that prevents the card from being advertised and that they intend to enforce it when notified. Where is "Blue Frog" when we could really use it? I conclude that the spammers are running the internet. Until IPV6!

  19. The weirdest thing I have seen? Door handle spam.
    "We have the best door handles"

    .... words failed me.

  20. You ever seen spam for spam?? Spam spam, in other words. Now that would be wierd!

    PS the Blix theme contact system is cool. Would be good to add it to all themes IMHO.

  21. I still read thru all my spam because for whatever reason, it seems that the first time a new person comments on my site, it gets grabbed as spam (not always, but a lot).

  22. @ Mark

    The weirdest thing I have seen? Door handle spam.
    "We have the best door handles"
    .... words failed me.

    Here's one sulz got that's even weirder ... wire brush sex {{shudder}}

    I scan the pages of spam each day and don't sweat the small stuff. Most is immediately identifiable as spam and I have yet to find a false positive in the Akismet spam bin. Akismet rocks.

  23. This makes the Akismet spam box a bit easier to go through quickly: http://engtech.wordpress.com/2007/01/10/too-much-spam-akismet-auntie-spam-for-wordpresscom-greasemonkey-script/

    Today I decided to perma-ban anything from .info or .biz because spam was getting through Akismet:
    http://engtech.wordpress.com/2007/01/10/too-much-spam-blacklisting-info-because-it-gets-through-akismet/

    What I'd like to see it a challenge/response system where:
    - the first time you leave a comment it sends an email to your email address to confirm that you're you.
    - after that is accepted then your email address is allowed to post comments which will be still be scrutinized by akismet.

    No captcha crap. People will have to use valid email addresses. Eventually around 5% of spammers will build the email challenge/response into their spam bots, but because they have to use a real address it will make it even easier for Akismet to start identifying them.

  24. This Spam is weird, everytime I refresh my browser, there's at least 10 new spams caught by Akismet, is that really normal?

  25. @k
    The spammers and their bots went absolutely nuts this weekend. If you take a look at the Akismet graph you can see this. http://akismet.com/stats/

    @ engtech
    I agree with no captcha. I'm not sure about the challenge idea. When I get my new computer I will install the greasemonkey extension and use your auntie-spam script. Thanks for creating it. :)

  26. engtech --

    I installed your workaround and it works great! Outstanding! Thank you!

  27. Knoizki, yup. See that 7k number on my blog? That was from Dec 24th to whatever date I finally desided to switch to the must have an account to comment setting.

  28. I always check my spam, which I hate having to do, because there are several commenters from Europe whose comments ALWAYS end up in the spam filter, no matter what. I'm really sick of reading all that garbage. One thing that would help would be a page list at the bottom of each page of spam instead of having to scroll to the top to go to the next page. I tried telling Askimet to automatically delete spam that contained a long list of bad words but it didn't work. As much as I dislike the captcha system, I'm beginning to think it's better than having to screen all the nasty spam.

  29. You could just ignore it. They autodelete after 15 days IIRC.

  30. I have vision problems and Captcha is not my friend. It used to take me at least two or three tries to accomplish. I resorted to having other people type them for me which was not convenient as they weren't usually available. Finally it became such a barrier to commenting that I no longer leave comments on blogs with Captcha.

Topic Closed

This topic has been closed to new replies.

About this Topic