Spam Fighting

A few weeks ago Jay Allan, the designer of MT Blacklist posted some suggestions for new plugins to fight spam. I followed up at the time and installed Trackback Moderation. I also went back later and installed MT-Keystrokes. The idea is that it blocks any comment that does not contain a bit of code that can only be created by a human user who has opened the comment window in a browser. The template that creates the comment field in the browser for the human user has javascript that inserts the special code if the user types something or pastes the comment into the comment window. Spiders can’t comment, which should screen out a lot of comment spam.

Keystrokes takes a little bit of work to install. In addition to unpacking the plugins in the MT directory, it installation involves writing or pasting some code in templates: the Individual Archive if comments are part of that template, and possibly the templates for comment popup or other comment windows. As well depending on the code in the template the new code may have to be inserted at two places. It is also possible to customize some code in the plugin script.
It works. It has screened spam for me. It logs spam bounces in the main activity log. However, the way MT and MTB work together means that MTB handles the comment first. That means that MTB is blocking the spam and logging the blocks. Keystrokes only has to handle a few comments – usually a burst every few days. I have seen MTB log entries indicating a comment has been force-moderated based on age – but Keystrokes blocked it. I didn’t have to remove or despam the comment – it just wasn’t there.
When I queried which plugin handled the spam first in the MTB forum, I found out that MTB handles the comments first. I gather they may be trying to let the user decide the logical order for plugins based on server demands and other considerations in a future release or upgrade. It isn’t clear if this is a big priority with them and when any new release with this feature might come out. All other things being equal, I might want to let Keystokes act as the first line of defence against spidered comment spam.
I spent an hour or two one Saturday going through my Blacklist and I culled hundreds of strings – mainly URL’s – that have never had a hit. My list now is only couple hundred strings and a few dozen Patterns and Regexes. That seems to be good enough to defeat almost everything. And so far no one has complained that they can’t use the words “poker” or “hentai” in a comment or a post that they want to Trackback to my blog.
I will probably install some other plugins, perhaps to close comments on old posts which may kill a lot of spam. However I don’t know if that is going to shorten my MTB logs or decrease the time I spend in the MTB window.


One response to “Spam Fighting”

  1. I may need to look at this. I am frustrated with the constant spamming. In addition, I dropped Norton, and loaded avast!, which isn’t behaving nicely either. I need a new antivirus/firewall program…