Some spam info

Well, to begin with, the definition of spam:

Spam is any unwanted Email, comments, track-backs, updates ...etc that spammers use to either promote their products (at the expense of your site and your bandwidth) or when they seek to enhance their Google ranking (due to Google design flow of counting the number of links to a site, look-up, Google-Bomb or Google wash. )

There is a limited number of measures users can take to protect from this type of spam, and here I'll talk about them briefly..

1. Implement a "Captcha" system
2. Enable comment moderation
3. Enable IP Address restriction
4. Contextual filtering
5. Applying (No follow) html trick
6. Implementing a 3rd party comment protection system (similar to Akismet)

Now I'll talk about their advantages and disadvantages in brief

Option1: Captcha

Although this would stop almost all comment Bots, it will not do much good with human users. It works great, but annoys the hell out of users

Option2: Enable comment moderation

With this open 100% of all spam is caught before it makes it to your site, while this proves to be bullet proof, it also puts the burden on the owner to stay in touch at all time, approving comments as they come along. Too much work

Option 3: Enable IP Address restriction

Although this is a very potent mechanism, the sheer number of Proxies, Zombies, and open relays on the Internet is staggering (Estimated to be >250,000 addresses at any given time). Without a dedicated service handing this, it would prove to be very difficult for all but the most technical of the users. The amount of effort is also huge

Option4: Contextual filtering

In this case based on the content of the comment, and the hyperlink associated with it, the system will accept or reject the comment. So for example if you find Pharmaceuticals in the comment, you reject it. But again, that's not bullet proof since a deliberate typo or changing l with 1 ("L" and "1") or 0 and o (Zero and O) would make it difficult for the contextual filtering to understand it

Option5: Applying "Nofollo" hack in HTML

This is a very simple to implement hack, but unfortunately, it will not stop spammers from commenting and polluting all your posts.. The idea is simple, you add rel="nofollow" to all your < a >  tags causing Google to not spider them.

Option6: Implement a 4rd party API that does this

Akismet came up with a fantastic way to do this. Unfortunately, it's expensive for individuals and corporations alike. And there is a certain privacy issue related to it. But since the comments are going to be public anyway. There really isn't any harm

Over the past couple of days, I've been subjected to a barrage of these drive by commenting promoting everything from Porn to depression medications. Luckily, I've implemented a system similar to Akismet, but has the virtue of options 4 and 3 above with different levels of restriction

I've also established a honey-pot that will attract these comment-spammers and as they do, I'm monitoring and recording their behaviors and coming up with measures against it.

So far I was able to capture 199 different slammers using around 500 to 600 different IP Addresses. All have been captured and logged. (In addition to another 131,000 other potential spammers) and the list is growing.

One day, I'll provide an API for this database, so other people can implement it, and rid themselves from this plague