In our past two posts we’ve looked at what comment spam is and how we can minimize it. Now comes the hard part — individually looking at the comments that make it past our defenses and deciding what to do with them.
Detecting Spam — Moderation Queue
If you’ve got Akismet or some other spam filter set up then you will have some potential spam comments in your moderation queue to deal with. Most of the blatant spam comments you’ll recognize and you can just skip over them. Once we’ve moderated the tricky ones then we’ll just delete everything left in the queue.
However, recognizing Sneaky spam takes a bit of learning. If you have only one blog then you’ll be less likely to see the work of spambots as they hit each of your blogs with the exact same comment. But over time you’ll see patterns that help you to recognize that a comment is likely spam.
First of all, check out who it is coming from. Is the name a keyword or a real name (or at least a nickname like LoneWolf)? If there isn’t a real name then that is a flag — not necessarily proof mind you.
URL and Email
Next, look at the URL that they entered and the email address. Do they match? Do they make sense? If not, there’s another flag. Keep in mind that many users set up throw away email addresses to reduce email spam so you may still have a legitimate comment even though the email looks strange.
Another flag that indicates possible spam is the lack of a Gravatar. Spammers rarely have them but keep in mind that the lack of one does not prove that the comment is spam. It is just another clue.
Ultimately, you have to look at the content of the comment itself. Does it relate to the post? Does it add value to the conversation? Many spam comments are very generic and usually complimentary (although I’ve seen those that issue a generic challenge). You’ll see things like “Great post!” or “You write very well. Are you a professional?” While it is possible that these are legitimate comments (they usually aren’t), they don’t really add to the conversation. They do feel good though — if they’re from a real person who wrote them sincerely.
Spammers are becoming more creative, and have taken to using quotations from blogs and/or comments to create the comments that they send. They also have comments that are related to keywords and target blogs that mention them. This makes it a little more tricky to catch the spam.
One tool that I use is Google. If I have a comment that I’m not sure about, I’ll cut and paste it into Google search with double quotes around it to look for exact matches. You’ll be surprised to see the exact same comment appear in dozens or even hundreds of search results.
But even then, the spammers are getting smarter. Just yesterday I got the following comment on one of my blogs.
I can’t understand how to add your blog to my rss reader. some recomendations are appreciated I really want to see your articles.
It seemed like a reasonable request for help, but I checked it in Google just to be sure. No matches! Well, let’s help this person out. I send them an email with a link to an RSS tutorial. Guess what! No such email address existed. So I did another search, this time with only the first sentence. Bingo! Ding! Ding! Ding! We have a winner! Dozens of matches — each with a slightly different wording of the second sentence.
Ultimately, you are going to have to decide whether a comment is useful for the conversation on your blog. You may sometimes block a legitimate user’s comment, but that is rare and they should have made a better comment in the first place.
There are many people out there who are dedicated to battling spam in many forms. One group that I’ve found helpful is Stop Forum Spam. This group has set up a database of known spammers that you can check to see if the name, email address or IP address matches a known spammer.
This group was formed to deal with people who sign up to forums in order to spam them and I discovered them when looking at the signups for my Drupal based site (Master It). I decided to test the spam comment that I mentioned above and found that the IP address was a match in their database. So, this may be a good resource for bloggers to use as well. They do have an API for checking and reporting spammers, so I can imagine a plugin at some point.
Detecting Spam — The Rest
Now that you’ve dealt with the moderation queue, you still need to look at the comments that made it through the filters and plugins (unless you’re moderating everything — you’re not do that are you?) But this should be fun. This is where you’re seeing actual conversations. There should be very little spam that made it this far, if any.
So read the comments, respond and enjoy. This is a big part of why we blog in the first place.
There is one last thing to consider before we leave this topic. Tools like Akismet and Stop Forum Spam will only work if we all report the spam we receive. They use existing spam to be able to detect future spam, so make sure that you report the spam and spammers using the tools that you set up for your blog. We’ll all have less spam to deal with in the long run.
So that leaves us with just one thing left … your comments! What do you use to help battle comment spam? What is the most creative spam that you’ve ever seen on your blog? Share your thoughts below.
While this was intended to be the last post in this series, an ironic twist presented itself and I couldn’t pass up the opportunity for another post. See Battling Comment Spam — A Real Life Example.