Fighting Comment Spam

It’s so easy to get throwaway email addresses and throwaway domains combatting forum spam can be very difficult.

Here are some options:

1) use mod_access to ban open proxies

Similar to the approach used by denyhosts, this would blackhole proxies that are often used by bots.

2) publish ip addresses and signup dates to a central server

If there is too much signup activity around these ip addresses, a forum can retrospectively ban them.

3) work with a central service which answers questions like this:

how many different ip addresses are used by the poster xyz@hotmail.com

how many forums is the xyz@hotmail.com signed up to

Privacy can be maintained by having forum owners upload hashed email addresses, or using bloom filters.

4) Emails from low-trust domains (i.e. susceptible to bots) will result in the user being put through more hoops to register as a member, and posting

5) Easy bulk auditing of hyperlinks posted in forums

6) Transparent spam policy

7) Use overture.com data to assess the relative value of words being posted. Words with high CPC appear first during bulk audits.

8) Possible spam hyperlinks are turned into plain text

9) Flag possible spammy domains, e.g. multiple email accounts from 1chuan.org for example

10) Flag possible spammy email names, e.g. three consonants in a row

11) Flag possible spammy email to user name correspondence, usually user handle and email are related.

From defunct spamproofwiki project on sourceforge ,

Spam protection includes no posting of URLs by public members, e-mail sign up, RSS feed of IP block list, easy ISP reporting of attacks, Bayesian IP blocking, random submit fields and Google rel attributes.

Update: SpamHuntress is losing ground. Where’s akismet for wikis?