Shields Up, Captain!

If you’re one of the two people who closely follow my blog here, you will probably have noticed that starting mid-afternoon yesterday and leading into the early evening (all times GMT-5) my blog’s comments were successfully spammed by someone offering a mix of chances to win things at an online casino of your choice, opportunities to play online poker, and products designed to improve your sexual performance and/or enlarge certain elements of the male genitalia.

For some time now, I have been using the until-now excellent WP-reCAPTCHA plug-in for WordPress that had been (to my knowledge) effectively preventing spam-overload on my blog’s comments.  But as of last afternoon, its pretty clear that the effectiveness of at least my installed version of that plug-in has been drastically reduced — presumably by some SPAM-happy marketing consortium with enough spare time and R&D dollars to figure out how to penetrate the CAPTCHA that’s provided by that plug-in.

New SPAM Engine

So I have switched SPAM engine approaches from a purely CAPTCHA-based strategy to a more ‘traditional’ content-and-source-blacklist/whitelist-based engine that will evaluate each comment’s content and origin to apply a SPAM score to it and act accordingly.  If you’re curious, its SPAM Karma 2 and it offers me 20+ configurable factors that apply weights to the SPAM/HAM rating and also can apply its filters to your already-received comments to remove SPAM that’s already there (important since by then I had already acquired over 200+ SPAM comments that I needed to get rid of somehow).

Prove You’re Human

If the new SPAM engine considers that your comment may be ‘on-the-fence’ in re: SPAM/HAM (i.e., it contains too many hyperlinks, etc.) it may offer you a CAPTCHA to complete to ‘convince’ it that you’re a real warm-blooded human being — if you successfully complete this then your comment should be permitted.

But as with all things technology-based, its certain to be an imperfect process so if anyone posts what they believe to be a legitimate comment and it doesn’t appear pretty much immediately (I don’t manually moderate comments here so there’s no legit reason for you to see a delay in your posting), then send me an e-mail letting me know that one or more of my configurable settings is dialed up too high and I promise to look into it.

I REALLY dislike blogs that make you ‘login’, ‘register’, etc. in order to place comments because it destroys the ‘I’m just here causally thanks to Google and wanted to chime in on this one topic, not join a community’ thing that I think enriches the blogging experience for authors and readers alike so please be patient as I experiment with ways to both accomplish that goal and ensure that my blog doesn’t become the place people visit for the latest in online gambling offers and genital enlargement pills.

Thanks for your patience everyone!