Tag Archives: Akismet

The New Spam: Don’t Waste Your Time or Mine

Blog Badge, courtesy of FreshBadge.comIf you are part of the blogosphere, whether you are a blogebrity or (like me) toil away in blogscurity, you are probably aware of the First Universal Truth of Blogging: Comment spam is a royal pain in the blogterior. ((I don’t know that this is actually the First Universal Truth of Blogging, but writing about the Second (or worse, Thirty-Fifth) Universal Truth of Blogging isn’t quite as relevant or topical, so I’ll take a certain amount of artistic license.))

Fortunately, plugins like Akismet have proven (at least in the case of this particular blog) to be very effective at dulling the pain to a large degree. Akismet has caught more than 155,000 spam comments and trackbacks since I installed it, ((I know this because of the friendly message on my comment administration page that says, “Akismet has caught x spam for you since you installed it.” Where x is currently 155,632 but will almost certainly be over 160,000 by the end of the month. And that’s on a tiny little blog with almost negligible traffic. I can only imagine that the aforementioned blogebrities are seeing 160,000 or more spam comments every single month.)) and that means 155,000+ comments about bizarre (and often illegal) sex practices, bizarre (and often illegal) sources for prescription drugs, and bizarre (and often illegal) quotes for car insurance that you never see. Akismet isn’t perfect; it occasionally captures a legitimate comment, which means I have to monitor my spam queue just to make sure there’s not a comment from Dave in there. ((No, the other Dave.)) Akismet also lets a handful of spam comments through to my moderation queue every week, but on the whole I’d say it’s got a better than 90% accuracy rate at catching obvious spam.

The obvious spam that Akismet misses are easily spotted and dealt with accordingly; they usually contain dozens of links to sites of dubious nature. It’s the clever spam, the stuff that makes at least a minimal effort to be relevant to the original post, that sometimes throws me for a loop. Here’s a sample that I moderated today, posted on my review of the movie Transformers:

From: Ford Lover [Okay, there’s the first tip that this isn’t entirely legit, but maybe it’s just a guy who really likes Fords. I’ve known a few of those in my thirty-five years.]
Comment: I wasn’t as thrilled about this movie. I would like to see a Ford transform and beat some Chevy’s! [Hmm, that’s actually kind of germane to the discussion. There are no links to obnoxious websites in the comment, which is good. And, hey, there’s a punctuation error! How human! Maybe I should let this one through…]

Except that Ford Lover’s website (which his/her name would link to, should the comment be approved) isn’t a blog, personal page or even a MySpace/Facebook profile, it’s a car dealership ((Sorry, Ford Lover, I’m not going to say which one.)) with a streaming video ad that automatically plays when the page is loaded.

I’ve seen this type of comment creeping in for a couple of weeks now, and I’ve been on the fence as to whether or not to allow them simply because, at first glance, they do appear to be relevant to what passes for the conversation around here. I’ve even been tempted to strip out the annoying link and approve the comment, but that would open the door to a barrage of spam from the same individual/IP address. ((In theory, once I’ve approved a comment from an e-mail or IP address, future comments from the same address won’t be held for moderation or marked as spam. Which doesn’t explain why Dave’s comments are consistently flagged by Akismet, but…well, it’s Dave; he’s gotta be difficult.))

Plus, there’s nothing in the actual content of the comments of this nature that really compels me to respond to them. I suppose I could start a big GM-versus-Ford back and forth with “Ford Lover”, but for the most part I just don’t see the comment adding much, despite its initial apparent relevance.

So, here’s the deal: If you’re trying to sell something, go away. If you link to a site that isn’t your blog or other personal page (MySpace, Facebook, Friendster ((Just kidding.)) or the like.) or a page that isn’t immediately relevant to the content of your comment (e.g., citing a source, linking to a Wikipedia entry or an article on SciFi.com or a page on IMDb) I’m going to dump your comment into my spam queue and you won’t have an opportunity to establish a dialog with me and the readers of this site. Do you work for or own a car dealership? Too bad. Don’t link to it. I work for an insurance company, but you will never see a link to a site trying to sell you insurance here. Not going to happen.

Sadly, the spammers aren’t going to abide by this rule; I’ll keep seeing the same type of garbage day after day, ((Bring it home, baby, make it soon.)) but now I won’t hesitate for even a second before I dump it into my spam queue. I’ve established a rule, and that feels good.

EDIT: This comment from “Seamus Burns” appeared in my spam queue only a few hours after I wrote the post. I didn’t immediately notice that the commentor’s website is a rate-comparison site for hotels in Singapore until after I had read through the comment twice trying to parse it:

It was cool to compare the comment and start to just hang out. Ford Lover was the First Universal Truth. Anyway, as I write this at links next morning, I still have no links in my pack – we weren’t able to dry it overnight.

EDIT: (21 August 2008) Dammit, here’s another one, this time commenting on my post-Christmas 2007 entry:

Christmas was great… my son actually jumped with glee a few times. And, you know its a good year when someone tells you that hearing from you was the best present of the day. I think I actually felt my grinch exterior sloughing off… I may even hang a wreath or something next year

Just found your blog and etsy shop – and I’m a fellow etsian. I agree – the word of mouth and how things move around are very interesting and it’s great to hook up with other’s to spread the word. Your markers are great – different and not the everyday that you find out there

Ooooo, if only I need new something like same … I’ll check yours out some time again. thank you.

First off, I don’t have an “etsy shop”. I’m not against Etsy, ((Frequent commentor Nycteris has an Etsy shop where she sells handmade jewelry and some seriously awesome clay sculptures of little dragons and other beasties. I don’t feel at all hypocritical linking to it in a post railing against using my blog as a place to shill your own wares. Why? Because Nycteris contributes to the conversation; she’s not just here for marketing purposes. In fact, she’s never linked to her Etsy shop through the comment form.)) but this commentor and I aren’t fellow anything. Second, it’s August. Christmas 2008 is four months away. Yet this commentor talks about putting up a wreath “next year”. That bugs me for some reason.


WordPressOne of the things I like about WordPress 2.5 is the native support for Gravatars, globally recognized avatars. The idea is pretty simple: register with your e-mail address at the Gravatar site, upload a picture (I used a photo of myself, but that’s not a requirement). Once your account is set up, anytime you leave a comment on a Gravatar-enabled blog, your e-mail address is sent (using the magic of cryptographic hashing) to the Gravatar server. The server then does what servers do best: it serves; specifically, it serves your globally recognized avatar to the requesting blog, which then (typically) displays said avatar next to your comment.

Here’s a sample comment from my WordPress 2.5 upgrade post:

Blog comment with Gravatar.

That [handsome] fellow in the corner of the comment should look familiar, and if P.G. Holyfield had a Gravatar account his comment wouldn’t display the generic “Oh, no, I don’t have a Gravatar!” image ((Or perhaps the “Oh, no, I provided a fake e-mail address in the blog comment form!” image.)) in the upper left:

A comment from a user who does not have a Gravatar account.

Each Gravatar has a content rating—G, PG, R or X—and WordPress has a “Maximum Rating” option that determines whether Gravatars of a given rating will be displayed. I try to maintain a family-friendly blog for the most part, so I’ve set the Maximum Rating to PG, which won’t prevent people with photos of “Lando and the Ugnauts” as their Gravatar from commenting, but will prevent said photo from displaying next to their comment. Seriously, put that thing away before you get us all killed.

Originally, I was going to use a WordPress plugin to handle Gravatar-wrangling, but when I discovered that one of the features of WP-Gravatars made my blog spew green pea soup (or lose its database connection; I forget which), I started poking around for alternative solutions. As it turns out, I didn’t have far to poke: Sandbox, the WordPress theme that serves as the underlying framework for my custom blog theme, had recently released a new version with Gravatar support. Once I had the latest version of Sandbox installed, it was just a matter of tweaking the CSS to style the new Gravatar-enabled comments the way I liked and voila, one Gravatar-enabled blog.

If you start browsing through old comments on the blog, you’re going to notice something: most of the people who comment here don’t have Gravatars. ((Or perhaps they have naughty Gravatars and I won’t display them.)) That’s fine; I’m okay with adding a feature just for folks like Jason Penney, Sam Chupp and Cynthia Armistead, especially if knowing that their smiling (or illustrated) faces will show up on my site encourages them to comment more.

Should you use a Gravatar? It’s up to you. If you’re worried about your e-mail address being used for nefarious purposes (like flooding your inbox with ads for Lando-enhancement products), consider this: Gravatar is owned by Automattic, the same folks who make the spam-comment-killing Akismet plugin (the very plugin that has backhanded nearly 110,000 spam comments on this blog and kept it from becoming a nightmare to maintain). You think they’re gonna sell your e-mail address to spammers?