Dealing With Comment Spam

Dealing With Comment Spam

As you may have noticed, we recently changed how comments are handled here on FCN. A couple of readers have contacted me about these changes, so I thought I’d address them directly here in case anyone else is wondering. I also thought this information might be useful to those of you that have weblogs of your own.

For background, we’ve been having problems with: (1) ever-increasing amounts of spam, and (2) legitimate comments getting flagged as spam by our filtering software. Given the volume of spam that we receive, we can’t relax the filter without letting a ton of spam through, so we had to come up with another solution.

Unfortunately, if a legitimate comment gets flagged as spam, it gets thrown into the spam folder where it might get lost forever. While I do my best to fish out legit comments that have been inadvertently flagged as spam, it’s a huge time suck, and I know that I miss some of them.

To combat this problem, we’ve installed a WordPress plugin known as Conditional CAPTCHA that allows you to “self-moderate” your comments if the filter thinks they’re spam. Here’s how it works…

When you submit a comment, Akismet tries to determine whether or not it is spam. Overall, it does a pretty good job, but sometimes it makes mistakes. More often than not, these errors are false positives, where legit comments get inadvertently flagged as spam. False negatives are very rare.

As it turns out, the vast majority of comment spam is generated by spambots (as opposed to real humans). Thus, if Akismet thinks a comment is spam, Conditional CAPTCHA steps in and presents you with a challenge question that can be easily answered by a human, but not by a spambot.

If the submitter answers the question correctly, the comment is either passed into the moderation queue or approved straightaway. If not, the comment is discarded as spam. The default is for the comment to go to moderation because Conditional CAPTCHA can’t distinguish between legit commenters and human spammers.

After enabling this solution, things have worked quite well, and we haven’t had any legit comments sent to spam. Rather, a number of you have successfully handled the CAPTCHA challenge and your comments have gone into moderation, where I’ve approved them as quickly as possible.

Please note that, while the CAPTCHA step may seem to be an unnecessary annoyance from your end, it’s a necessary evil from my perspective. Without it, your comment would have been incorrectly sent to spam and may never have made it back out.

10 Responses to “Dealing With Comment Spam”

  1. Anonymous

    I agree with AntiAkismet.
    at least 90% of my comments are blocked by the terrible Akismet spam filter, including an RV forum I used to participate in regularly as well as business blogs to which I have attempted to add relevant comments too

    I hope either gets a fix (like or dumps Akismet

    Maybe this comment will stick, likely it will not

  2. Anonymous

    Akismet also blocks my comments in 90% of my attempts though I do not insert any URL. So, when I do not see any captcha, I usually even do not try to participate

  3. Anonymous

    Impressive. I’ve never noticed any spam on your blog. Have you seen the comments on CNBC? Every other comment has practically the same identical spam — keep up the good work!

  4. Anonymous

    No problem – I certainly don’t think anything I have to say is THAT important, and you’ve always been fairly efficient about getting things our of the holding queue. It sucks that you have to go through all that trouble though.

  5. Courtney: Prior to that, it’s possible that your comments were going straight to spam and then being rescued by me (as possible). *shrug*

    Akismet does strange things, and it can be hard to get off their blacklist once you’re on it. They also factor in things like IP address, so it may be factors that are out of your control that are getting you flagged (like if there is a lot of spam originating from your ISPs network).

    For what it’s worth, I switched from the default (moderation queue) to direct approval last night and awoke to a bunch of human-mediated spam that had gotten through, so I’ve gone back to sending things to moderation following a successful CAPTCHA.

    I do my best to get things out of moderation ASAP, but it might take a little while depending on what’s happening in the real world. 🙂

  6. Anonymous

    Thanks for the update – I’m glad to know it wasn’t anything I was doing wrong. @ Ken – I don’t even have the website option filled in and I’ve been constantly getting flagged over the past week.

  7. Anonymous

    For some reason Akismet was always flagging my comments as spam regardless of the comment or the blog. The comments didn’t have any URLs in them. Only the website field was filled in, and I guess Akismet based its decision on that. Hope this new WP plugin will help fix this.

  8. Anonymous

    I think it’s a small price to pay. Also it’s better to distribute that work across all the commenter’s vs. focusing it on one individual to deal with. For a commenter it’s a small annoyance if anything, but for that one person it’d be a full time job.

Leave a Reply