[Techtalk] Blog spam
tsolow at terisolow.com
Tue Oct 12 16:56:57 EST 2004
-----BEGIN PGP SIGNED MESSAGE-----
Recently, my blog has begun getting inundated with comment spam. I've
poked around a bit, trying to research the best way to counteract this,
but it doesn't seem like an easy thing to do. Hence, I was wondering if
anyone else could offer any experience/opinions on the matter.
First off, I'll say right now that I'm not using MT or anything similar
that may already have plugins made to do this. The blogging software I
use is called PSG (Project Steve Guttenberg,
http://projectsteveguttenberg.org/), which I am a contributer to (as
such, I'll probably try to make whatever solution I end up using
available to others, if possible).
Secondly, I know I _don't_ want to set up one of those "enter the
characters in the below image' checkpoints, as I know that it is not
compatible with everyone (e.g. the handicapped).
What I _am_ looking for is something like spamassassin, only simpler.
Basically just a simple script which the contents of the comment will be
piped through, whos return code will indicate whether or not (or the
likelihood of) the comment is spam.
- From the googling I've done on the matter, it seems like I can't
actually use spamassassin because it relies too heavily on the contents
of message headers (of which there will be none). A friend suggested
that I package up a crippled version of spamassassin with all of those
checks disabled, but I think that will be bulky and suboptimal for use
in a plugin I intend to make public.
On a similar note, though I believe Bayesian filters are nice, I don't
think they would be useful here either. It takes quite a bit of ham and
spam to train a filter properly and I doubt that most users trying to
cut down on comment spam would have the time, knowledge, or patience to
devote to setting up and maintaining such a plugin.
Of course, this leaves me with very little to go on. Simple regular
expression searches are a major kludge, but they may just be the only
thing that will require little user effort to get going. Something like
MT-blacklist would be perfect, but as I already said, this isn't MT. Of
course, writing a plugin that USES the MT-blacklist blacklist may be
gernally useful... any thoughts on this?
(n_ Teri Solow
Nothing I do is my fault.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
-----END PGP SIGNATURE-----
More information about the Techtalk