[Techtalk] Blog spam

Teri Solow tsolow at terisolow.com
Tue Oct 12 16:56:57 EST 2004 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Recently, my blog has begun getting inundated with comment spam.  I've
poked around a bit, trying to research the best way to counteract this,
but it doesn't seem like an easy thing to do.  Hence, I was wondering if
anyone else could offer any experience/opinions on the matter.

First off, I'll say right now that I'm not using MT or anything similar
that may already have plugins made to do this.  The blogging software I
use is called PSG (Project Steve Guttenberg,
http://projectsteveguttenberg.org/), which I am a contributer to (as
such, I'll probably try to make whatever solution I end up using
available to others, if possible).

Secondly, I know I _don't_ want to set up one of those "enter the
characters in the below image' checkpoints, as I know that it is not
compatible with everyone (e.g. the handicapped).

What I _am_ looking for is something like spamassassin, only simpler.
Basically just a simple script which the contents of the comment will be
piped through, whos return code will indicate whether or not (or the
likelihood of) the comment is spam.

- From the googling I've done on the matter, it seems like I can't
actually use spamassassin because it relies too heavily on the contents
of message headers (of which there will be none).  A friend suggested
that I package up a crippled version of spamassassin with all of those
checks disabled, but I think that will be bulky and suboptimal for use
in a plugin I intend to make public.

On a similar note, though I believe Bayesian filters are nice, I don't
think they would be useful here either.  It takes quite a bit of ham and
spam to train a filter properly and I doubt that most users trying to
cut down on comment spam would have the time, knowledge, or patience to
devote to setting up and maintaining such a plugin.

Of course, this leaves me with very little to go on.  Simple regular
expression searches are a major kludge, but they may just be the only
thing that will require little user effort to get going.  Something like
MT-blacklist would be perfect, but as I already said, this isn't MT.  Of
course, writing a plugin that USES the MT-blacklist blacklist may be
gernally useful... any thoughts on this?

- -- 
(n_ 	Teri Solow
//\ 	http://terisolow.com
V_/_ 

   Nothing I do is my fault.
		  -- Calvin


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)

iD8DBQFBbEUZCRjPPiFbVe8RAozlAKDaA67Wax22bK8kmgfXJWpaJkjipACgwYtM
qhd12jjgT0Ym+gok5eCrlYI=
=N/3o
-----END PGP SIGNATURE-----

More information about the Techtalk mailing list