Comment spam is a problem. I have been using MT-Blacklist to try to eliminate it. However, it is a time consuming game of one-up-man-ship. I read Dan’s “Spam Begone” approach and decided to give it a try.

I disabled MT-Blacklist and setup SCode. The first approach (MT-Blacklist) consisted of utilizing a blacklist of known strings to identify comment spammers and zap their spam. To maintain an effective blacklist required constant updates, which I hadn’t bothered to automate. In addition to being time consuming to maintain, false-positive string matches would eliminate useful comments. Therefore, strings need to be specific enough to eliminate comment spam while avoiding vagueness which would result in false positives. What a conundrum!

The new approach displays a security code and requires the end user to manually reproduce it before they can save their comment. This should stop spambots in their tracks (for awhile), by proving the end user is a person rather than a computer program (specifically, a bot which emulates a person). The only comment spam I will need to worry about is items that are manually typed in. That is until the next round in this comment spam arms race.