Back in July, I installed Comment Challenge, a plugin for Movable Type which adds an extra question to the comment form for those not using OpenID. Until the past few days, this has blocked around 99.9% of the comment spam I’ve been getting – I’m up to around 1 spam comment every 3 minutes now, but thanks to this plugin all I see is an event in MT’s activity log which just needs purging from time to time.
Recently, more spam has been getting though, though we’re still only talking maybe 0.2% here. It seems that spammers are now taking the time to manually enter spam comments on high-ranking pages, and doing so in a way that makes them look like legitimate comments – they usually refer to the subject of the entry but will have some spammy link as the provided URL. One dude in Pakistan entered around 8 comments over several hours here under various false names – his one mistake was to use the same IP address each time.
I’m still deciding what to do. I may remove the URL field altogether for those who haven’t authenticated through OpenID, using Brad Choate’s URLess plugin. I’m not going down the route of blocking all unauthenticated comments, nor do I have the time to manually approve all authenticated comments (especially as I am going on holiday next week). However, I’d appreciate some feedback.