On Sunday, Dave at Blogography posted this:
Spam FAIL! The latest trend in comment spam? Copying somebody else's previously approved comment and working your website links into the text. This way, your comment looks legitimate, because it actually pertains to the blog entry. Of course, since I read every one of my comments and manually approve them, I know immediately if it's a spam-infused duplicate. BANNED! DELETE! All of the IP addresses of the commenters are coming from India, but link to US websites, which means this kind of lame behavior is somebody's job?! Lovely.
I've noticed this too, but the comment was from a Polish IP address for a Polish web site. I may have let it pass except it was a comment that I myself had made, and wasn't the sort of comment a Polish person would make. We have a lot of Poles in Bradford (for now, at least) but I don't think there are many based in York and Bradford, and still fewer who are still running a beta version of Windows Vista...
Incidentally, Akismet correctly identified it as spam but TypePad Anti-Spam didn't, thus cancelling each other out and letting the comment through.
So why use two antispam solutions?
Actually I use several - those are the two external services I use but MT also has some of its own rules (such as number of links in a comment and word/string matching). It also checks various IP and DNS blacklists.
It usually means that if one method fails, the others will compensate, but on this occasion that didn’t happen as they all cancelled each other out.
I’m waiting for Defensio to launch a MT plugin, so as to add a third opinion.