More Comment Spam

By Deane Barker on February 15, 2005

Comment spam on this site is getting relentless. It’s like a driving rain that just won’t stop. Every day, over and over — they never let up.

I’m running MT Blacklist, and I have to add about 10 domains a day. You should see some of the domains they’re coming in on — they’re getting close to just random strings of characters by now.

They come in waves. I’ll start seeing comments filtering in (usually about a certain card game), like they’re poking and prodding the system to see if comments will take. Then a deluge comes. I try to kill the “scouts” quickly before the mothership is launched, but I often don’t get to them in time.

You’d think they’d learn, because I think only about 1% of comment spams actually make it to the front side of the site. But cleaning up after a spam salvo is a huge pain, so the time invested in that alone is enough to piss me off.



  1. i know what your going through as im sure many others can relate. i have a personal blog as well as another one i contribute to. my personal blog is relentlessly hit with poker spam. the domain names look random as well.

  2. My blog was being relentlessly spammed (although none was getting through thanks to MT-Blacklist) until I installed Brad Choate’s DSBL-Deny ( And as Robert Frost would say, “that has made all the difference.”

    It blocks comments from the start if they come from an open proxy that’s blacklisted on the DSBL ( You can choose to have it moderate or deny based on that. I chose to have it deny, and it’s reduced the load on MT-Blacklist significantly. I would suggest that you do the same.

  3. Have you considered taking away the anonymous comments and having all us regulars register user accounts? I admit that it’s bothersome requiring an account to leave a message, but once you’ve verified that the person here requesting an account is a real person, you don’t need to worry about them again. As long as the spammer doesn’t get an account, your door is always closed.
    Maybe you could still have anonymous comments, but locked down a lot – very limited character length, long delay between anonymous posts, whatever. Just an Idea.

    Regardless, you ought to be using the ‘nofollow’ attribute. The more people who use it, the stronger it is.

  4. A certain card gamer tried to post a batch of comment spam the other day. All of it went into moderation. I decided to investigate the IPs sending me the stuff – open proxies. I then approached two universities, and companies in France, and the US. Result? Strike four open proxies from the p*ker spammers list. Most satisfying. You can read more about it here

  5. If this isn’t the best argument for ditching MT in favour of something else, I don’t know what is. Every blog I read these days is beset by the evils of MT comment spam.

    I’ve used Blogger, with a bespoke cgi-based comments system (not the woeful Blogger comments system), and I reckon I’ve been spammed maybe 10 times in four years.

  6. A similar argument is made every day… Windows vs. Linux.

    For me, its not about switching to something less common or harder to exploit.

    This is war.

    I will not be defeated.

  7. I’m a WordPress-powered blogger and can assure Martin that some WordPress users are also heavily spammed. It’s not just MT. However, I used Blogger for a couple of weeks with no spam before switching to WordPress. About a month later, I was spammed. The old blog is still spam free.

  8. I’ve made several (let’s see…6) CMS switches since I’ve started blogging. My WP blog was just as heavily spammed as my pre-DSBL-Deny MT blog was.

    I use MT for several reasons, including plugin architecture, multiple blogs, and the best/smoothest user-interface. Even if my MT spam load increased, I think that the prospect of my switching to some other tool would be highly unlikely.

Comments are closed. If you have something you really want to say, tweet @gadgetopia.