Removing Spam From Blogs

I was just discussing today the issue of how to rapidly eliminate the number of spam messages posted by unscrupolous marketers on Web sites and blogs that provide spaces for comments at the end of articles, and making some recommendations to the Communication Agents on how to manage and counter the continuos attacks we are receiving.

The typical "spam" comment is a message posted by a certain "lolita", having as her email address pipii@yahoo.com, and which typically says "Nice site!" while pointing with a reference URL to a porno site or blatant commercial product promotion.

On many content management systems is possible to ban specific IPs from posting comments on a site. The difficulty stems from being able to effectively use this tool.

As spammers are quite sophisticated themselves they never operate from a fixed static IP that can be easily tracked down. Rather they rely on public service providers and and on a dial-up connection which makes their IP change everytime they connect to the Web.

In this respect, my limited advice was to ban not a specific IP number but a whole range by posting only the first three groups of digits of the IP originating the spam (if the content management system reports the specific IP number of anyone posting a comment, e.g.: 216.30.32.3, my suggestion is to ban 216.30.32 to increases the chances that if the spammer reconnects to the Internet by using the same provider the ban will include the whole pool of IPs issues by that provider). While this is a very conservative and unprecise way of limiting the damage, which could excluse normal users from being able to post valid comments on the site, I have seen this to be a very rare instance.

Other solutions suggested by Ben and Mena Troot of Movable Type are:

 

 

a) Readers of your weblog must register before posting to your weblog.
Before someone can post a comment to your weblog, they must register with your site.

For many webloggers, this solution is not ideal. Informal polling of webloggers has revealed that many do not want to require someone to register before posting. It usually discourages conversations from forming and is a barrier for open discussion. Additionally, without federation, logins on multiple weblogs become unmanageable.

b) Comments require approval before being posted
When a comment is posted, you can receive an email that provides a clickable link you must visit before the comment can be posted on your site.

For webloggers with a small amount of readers, this solution may be ideal. However, if you receive a good deal of comments, it's a solution that doesn't scale. Additionally, it may ruin the spontaneity of discussion.

c) Image comprehension technology
Before a comment can be posted on a weblog, human eyes must enter a code that, ideally, is not readable by a computer.

This solution is not feasible because of accessibility issues. Additionally, spammers seem to be searching with bots and entering spam manually.

But comes to the rescue the first of a growing number of solutions for bloggers and other indipendent publishers:

MT Blacklist
A Movable Type plugin to eradicate comment and trackback spam

Content-based comment/trackback spam blocking.

Search & De-spam mode provides one-step de-spamming of all of your blogs.

1. Extremely easy installation and upgrades. Works right out of the "box" with No modifications to your templates or the MT source code.

2. Default blacklist contains over 450 known spam strings for immediate protection on install.

3. Optional automatic web publishing of blacklist
   
4. Blacklist importing supported

5. Seamless support for Perl regular expressions in blacklist

6. Comments for each blacklist entry

7. Much faster than the macro solution

Specifically, Jay Allen's MT-BlackList is a blacklist-based solution to comment spam for Movable Type weblogs. It checks the comment fields (body, URL, author, etc) for URLs commonly found in spam comments, and rejects the comment if it looks like spam. The core plugin is set to be released today (Monday), but one of its neatest features-in-development is the ability for weblog systems to share blacklist data using XML-RPC. This provides the basis of a collaborative system similar to Razor, with the option for more management over the items in your own system's blacklist.

[Source: Six Log the Six Apart weblog]