Of course it is only a matter of time, but I have slowly seen a few comment spam posts on my blog here. This is an itneresting way to see the growth of comment spam and make a few observations.
First, I’ve only seen comment spam on just a few of my posts, and typically over a week I’ll get about 10 comments on just those posts, no others. Odd, especially since two of them even pre-date this URL and site (posts ported over from my older site). I would almost think I am just getting collateral damage from a link to my site from somewhere else, but no one links to those posts that I can see. I might have to analyze my logs a bit deeper just out of curiosity. They are also almost all in chunks and only yesterday did they start getting past the junk comment filters in MovableType.
1/09 – 1/21 spam came to html in email from 12/2006
1/22 spam came to malware analysis: free video codec from 11/2006
1/31 – 2/07 spam came to illustrated guide to cryptography from 6/2006
2/02 – today spam came to remoteregistry issues from 8/2004
2/13 – today spam came to turn off ssdp and upnp from 8/2004
Second, I thought about changing their spam comments to something like, “My IP is blah and I tried to post comment spam.” But that itself is spammy and won’t scale. Or post regularly about my spammers, but again that is spammy itself and likely are just “innocent” bots.
I think I’ll just keep deleting them, but I am happy with MTs ability to score comments and hold them Unpublished if there is too much HTML in the comments. Also, there are limits to the length of certain fields which no legitimate poster should bump against, but spammers might hit. Still, some do get through, though. I also like that I can subscribe to an RSS comments feed which will show me published and unpublished comments readily and I can catch these things.
Yeah, once the bots latch on to a URL, they don’t let go.
Adminspotting was getting about 200 spams a day. Akismet (really good spam detection) snagged 90% of it. I finally put a captcha on my comments yesterday and the spam dropped to 20/day, all of which Akismet is getting so I don’t get bothered with email comment notifications.
Welcome to the blogging world …
BTW, the subscriber count for your blog has been slowly going up in Bloglines.
I feel your pain. Once the bots have found your blog, they won’t let go easily. I’m using Akismet and block a few IP addresses in my firewall. That blocks around 99% of the “attacks”.
Anyways, soon we’ll see shiny graphics on this site, just like this? 😉
I am definitely going to check out akismet. Since I want comments to be open and not something people have to register for (blech!), I better just look into options sooner than later.