An open letter to comment spammers
Though I have fairly robust measures in place to deal with comment spam, I still see a few comments a day that make it into the spam review queue, including some that show the raw synonym blocks they use to try to get around the filters. I rarely read them, but a few of late have caught my attention, so I thought I would respond in a similar style.
Dear {Comment Spammer|Asshat|Scum},
Wow, {you are|you’re} {very|extremely|incredibly} {persistent|dedicated|amusing} in your {attempts|quest} to post {comments|ads|spam} to my blog. {Undeniably|Unquestionably|Definitely} you have {few|no} other {skills|talents|things to do} in your {pathetic|sad|dreary} life. The {simplest|easiest|smartest} thing you {could|should} do is get a {real|legitimate} job and stop {polluting|messing up} the {Internet|web|’net} with your {crap|spam}.
{Alternatively|Instead} you {could|should} simply {drop dead|FOAD} and make {everyone|the world|the Internet} a {happier|shinier|better|much improved} place.
{Sincerely|Regards|Best wishes|Hugs and kisses},
gordon
Comment spammers have been working full-speed on my blog as well. Akismet has been perfect so far though.
Yup, Akismet rocks, no doubt about it. However, occasionally I see a few comments that have been flagged as probable spam by Akismet in the queue. Lately, I’ve noticed many of them have a structure similar to my post. They reveal a lot about how their tools work, which must be a boon for Akismet.
My Akismet stats for the last six months show 53,733 total spam, 159 total ham (legit comments), 1 missed spam and 1 false positives. That’s a pretty impressive success rate.
Wow, you get hit a lot harder for spam than I do. My Akismet for the last 6 months lists:
1289 spam
186 ham
5 missed spam
3 false positives
Although that still means spam is outnumbering comments almost 7:1… and that’s AFTER I moved my blog. I had more spam on Typepad, and it took a while to ramp up after I moved it to Amazon.
I should add…
The spam isn’t always coming from bots. It’s from wedges who are working one of those “work at home” scams where they get paid for posting spam links.
I’d guess they’re running software + answering captchas all day just to post shit.
Yeah, you can see that in the logs. I assume that the spammers run systems that sit in between my blog and the drones and the drones just have to answer the CAPTCHA because I’ve seen the comments posted in batches of 5 or 6 from neighbouring IP addresses.
I guess I need to figure out how to crank up the difficulty of the CAPTCHA without making it too hard for legit users.
I don’t use captcha at all. Doesn’t seem to make a difference.
Interestingly enough, a piece of spam got by Akismet this morning.