The Death of Comments

It's sad and disappointing but the death of blog comments may be near. It's getting harder and harder to fight against the hordes of spammers and mediocrity and animosity out there.

Now, I do have to say that for the most part, I've been lucky. I've managed to escape much of it. I have a custom built spam filter that does a decent job of keeping out the blatant stuff. It's interesting just how predictable automated spam is.

What it can't stop, though, are those that abuse blog comments to gain link love. I keep a pretty close eye on things. I see people using services like LinkVendor to determine pages with decent PageRank and then proceed to leave a semi-relevant comment only to include a link to their super cool, ad-plastered e-comm site. Or those that are totally into getting involved and participating in the conversation but use an author name like, "Ottawa Web Design Services." Thanks for cheapening the whole thing.

I've been very tolerant as I really want people to participate. For example, I don't close comments on older posts. I should but I have posts from years ago that still get real people asking real questions. I like that. I support that. I feel defeated any time I end up having to shut down the comments on a post. It's like the spammers have won.

More and more, people are closing up their comments or never adding them to begin with. Has the time come to close the doors on blog comments?

Published April 18, 2007
Categorized as Opinion
Short URL: http://snook.ca/s/797

Conversation

72 Comments · RSS feed
kyle said on April 18, 2007

comments are the difference between reading an magazine article and reading a blog post. in many cases, even if i have nothing to contribute, i like to see a comments form as the comments are often more useful than the article (not on your site of course:) )

i don't mind seeing a few spam comments in exchange for a few insightful comments, and i really think that the internet as a whole will be much worse off without comments

Roger Johansson said on April 18, 2007

I will keep fighting to have comments enabled. Without them my blog would be much less useful to others.

As part of that fight, I am getting much less tolerant about comments that use a company name or SEO phrase instead of a real name. In fact, I think from now on those kinds of comments will be deleted and marked as spam.

Andrew Rickmann said on April 18, 2007

I still see a lot of relevant comments and interesting conversations happening, so I don't think we are nearing the end, or that we should consider turning comments off.

I do think we need get better at preventing spam and deleting off topic links but I do think it is manageable.

Rian Orie said on April 19, 2007

Personally I think that this is where the magic of OpenID and other type of registration comes into play.. Naturally you're only one of the many many many people that has this problem and in due time there'll be someone who registers commentersblacklist.com and writes a little API to link blogs and services to it to verify a commenter..

Then again, register a new name and you're set again. hm..

Either way, comment's are half the article.. I don't believe a lot of the articles we see around the intarweb are done until the comments have been included.. they share thoughts and allow for new insights making the article more extensive than the author originally set it out to be.. it's organic and it works.

eh, in short: keep em open ;)

Jason Kataropoulos said on April 19, 2007

I think that the title “The death of comments” is too harsh.
There will always be a way to filter spam comments, well at least most of them. You even pointed out that automated spam is predictable.

As for the link love (I like this term) you are correct. A good way to avoid this is to approve email addresses on their first post. Correct me if I am wrong but I remember you having to approve my email address after my first comment on here. This is, to my opinion, a very good approach and I have mimicked it to my blog.

Other than that, I haven’t ever spotted a spam comment on here. Was wondering, how much time do you spent handling spam comments?

Ben said on April 19, 2007

It will be a shame if you do close comments but once you cross the line where managing them takes more time than actually getting any work done, I suppose its the logical thing to do.

The Akismet service catches almost 100% of my spam, but like you say you still have to manually delete the human spammers who post crap.

jamjammo said on April 19, 2007

How bout something like this?
http://15daysofjquery.com/safer-contact-forms-without-captchas/11/

MrQwest said on April 19, 2007

I Certainly hope not. I Feel that comments are an intergral part of the internet these day's.

With sites like yours, it's invaluable to be able to ask questions regarding the main post, or to even allow other commenters to add to your initial post! Little tweaks here, or a bit of advice there.

Fingers crossed you allow the comments to remain!

Colin Ramsay said on April 19, 2007

I just talked about this in my own blog post, citing things such as Kathy Sierra's recent community issues and Zeldman's post a few days ago on a very similar theme.

I think another issue is that you don't want to make it too hard (signups, CAPTCHA, etc) for real people to post on your site - valuable commenters shouldn't be punished because of spammers.

Matt Wilcox said on April 19, 2007

I'm not sure whether it's simply the obscurity of my own blog, or my custom comment handling, but I currently have no issues with comment spam, and I never have. I also have no issues with lazy buggers adding short, semi-pointless comments simply to get a link back. The reason for that is comments on my own blog require the commenter to click a link on an automated Email. This verifies they're real people and the extra effort required to get a comment on is too much for lazy people.

Of course, the other way of helping to kill that sort of comment spam is to simply not allow links.

I doubt this is the end of comments on blogs, but I won't be surprised if you end up needing to 'become a member' using an OpenID account in order to post on blogs. This way there's better control on offer for blog owners, as a list of known spammers could be collated, and meta-data on their spam-liklihood could be sent to the blog in question, who could then decide whether to post anyway, or bin it.

Nathan Pitman said on April 19, 2007

For the sheer irony you should have disabled comments for this one. ;)

Personally I feel that comments (good comments) are intrinsic to running an open blog. They provide a valuable mechanism that allows you to engage with your audience.

Chris Huff said on April 19, 2007

I hope not. I think a lot of people are just now getting comfortable commenting on websites. I think we need that extra bit of interaction to distinguish the old model of internet from the new. Comments need to increase, not decrease. We do, however, need to figure out better ways of keeping spam from getting through.

Andrew Ingram said on April 19, 2007

For comment spam I make use of Akismet to filter out the obvious spam (which unfortunately is increasing quickly), I then tend to delete any comments that look suspicious or don't contribute.

It's ridiculous that my site has been up under two months and I already have a serious comment spam problem.

But comments are important and I really want to avoid closing comments on any posts.

Tim Adler said on April 19, 2007

Most definitely NOT! Comments are the one great thing that makes the difference for the web. Not only the publishers content matters but the reponse from the reader helps making the statement more relevant or gives different views.

But I really agree: Spam gets more and more difficult to detect. I also use Akismet to determine spam, but it has real problems with detecting those "only link"-comments that have "Nice!" or something else in them

Problem is these "Nice!"-Comments finally server a purpose. While spamming didn't really help, cause nobody would click their stuff, this raises their pagerank... tragedy, but we'll deal with it!!!

Aaron Bassett said on April 19, 2007

I use askimet alongside wp-gatekeeper to keep most of the spam of my blog. Then for the few which might slip through (none yet) I use the dofollow plugin which allows me to automatically remove nofollow after 24hrs, so I have time to weed out any obvious spam.

As for the death of comments - I think that would be a massive blow to blogs in general. Blogging (for me at least) isn't just about reading/writing posts. Its more about communication and participation. I have received alot of valuable advice and information in comments I have received. And hopefully have left some as well. It is this kind of interaction that makes a blog different to a printed article.

Also if comments were done away with it wouldn't just effect blogs. Take the php.net documentation, alot of the time I have found the comments more useful than the documentation itself.

We shouldn't be giving into the spammers and disabling comments, we should be finding better ways to filter out and block spam.

Kilian Valkhof said on April 19, 2007

I fear the day that blog comment spam becomes as dominant as e-mail spam. While things like OpenID and other (de-)centralised services do help a bit, I don't think they will get anywhere near to putting an end to comment spam.

I get a lot of automated spam, and not so much real human comment spam (or real human comments, anyway :P ) Akismet takes care of my non-human spam very thoroughly. Human spam is insignificant compared to that.

As some have said, Comments are half of the actual article. For blogs, it's not realistic to close them.

Ricardo said on April 19, 2007

I don't think comments will completely disapear. Most blogs will naturally evolve to a model where commenting is protected by Captchas, signups, private groups, friend-to-friend ... and the bloggers will have to think on another way to get popularity, instead of leaving the door open to anyone. I think the 'signup model' is a good option to avoid animosity and the incredible-two-words-comments, such as "very good", or "nice post".

Ben Hirsch said on April 19, 2007

C'mon Snook. I would have expected a better attitude about this! :) Maybe it is time for a blog post about making custom CAPTCHAs or something.

I sympathize though. All of my client's blogs are experiencing this problem. Even Akismet seems to be letting a lot of crap through.

There must be a way to defeat these f'ckers.

Cheryl said on April 19, 2007

I totally agree.

We're one of the best online agencies, check us out.

:)

Sorry, couldn't resist.

I haven't seen too many of the semi-relevant ones, I seem to only get the spams for cheap watches and "water sports" (?). As much as I hate captchas as a user, it might be the way to make it more onerous for the spammers to bulk comment.

bryanl said on April 19, 2007

I would really hate to see the comments go away. I saw someone else mention OpenID. Maybe this is the answer to your problem, and maybe it isn't. I really hope you can solve it. The feedback part of blogs is what makes them so great.

Anup said on April 19, 2007

To address link spam, are you finding that using rel="nofollow" in anchor tags does not work? And mention it in your comments form.

Or how about disabling HTML (annoying, but maybe not the end of the world?)

Anup said on April 19, 2007

Sorry, badly worded comment above. I meant to say, if you decide to use rel="nofollow" you could mention it in your comment form (where you say you accept HTML), so perhaps it will put potential manual spammers off.

Nate K said on April 19, 2007

RE: Anup
The issue is rel="nofollow" isn't a catch all. For instance, google will still follow the link - but not give it ranking, yahoo will both follow and give it ranking. It isn't spam proof to use that (unfortunately).

Snook,
I agree that the comment situation sucks (not that I get a lot of comments - but I still have to battle spam). Comments are really weird, and Roger mentioned this a while back - about getting real, quality comments versus the 'yes maams' and 'me too' comments that tend to fill a page. Those comments are almost as worthless as the spamming comments (some spamming comments could be of more value!).

Commenting is good when the discussion can stay on track. I don't mean always agreeing with what you have to say, but when people can respond in a civil manner and communicate with each other.

I think Digg has helped to ruin comments (Even on their own site). Most posts just turn into a battle of wits, and most people don't even understand the topic at hand - they just want to belittle someone (Ive seen this on many different blogs).

So, as much as commenting is great to keep open - it really is up to us to fight the spam and have a filter on comments that don't really participate to the discussion at hand. Some would say its censoring, but I think it makes for a much higher quality blog when you can filter out the nonsense (spam and 'me toos' - i am guilty of the me-toos), and have good quality conversation.

And, just so you don't think im spamming. I'm not going to leave my URL for you :)

Jason Leveille said on April 19, 2007

Perhaps one day I'll have a site which generates so much traffic that I'll have real experience with the frustration of spam management, however currently that isn't an issue as I approve the few comments I do receive.

My real frustrations comes from spam in forums. Now there is a topic I could go off on. I manage a few forums and the amount of people I have to ban, and the amount of spam I have to delete, is absolutely absurd.

Jonathan Snook said on April 19, 2007

@Jason: I certainly try to be diligent with spam and even those comments that try to abuse the link love. Regular readers are unlikely to notice as spam tends to hit older articles since they have an established PageRank and are (as spammers must assume) less likely to be noticed by the site owner.

As for how much time I spend, it's hard to quantify in an accurate number. I probably only spend under 5 mins a day on it. I get notified of any spam in moderation or that goes live so I can see who's saying what and nip it in the bud before it goes too far, often within minutes of the spammer posting a message.

@Colin: signups and CAPTCHA's would definitely not be the way I want to go. Too restrictive and doesn't stop people trying to post just for the link love. I don't think quality commenters should be punished.

@All: In thinking things through this morning, I may have a solution: ask for a URL but only commenters who've left at least 3 comments will have their URL posted. I like rewarding repeat commenters.

Nate Klaiber said on April 19, 2007

I think you should reward people with some of those 'Snookie Cookies' - that would be much better than a URL.

Arpit Jacob said on April 19, 2007

Heck your are absolutely right. I just launched a blog this month and akismet already is catching 30-40 spam comments perday.

Lorenz said on April 19, 2007

yeah...das pretty sad! just today I saw an interesting flash-blog closing its comments due to horrible spaming-attacks...

www.ricardocabello.com/ RIP...no, it's not so bad, I still keep reading you ;-)

Nathan said on April 19, 2007

If OpenID had more acceptance, it might be a solution to this.

Doctor A said on April 19, 2007

Oh' Great! I set up my first blog today and then I come here and the topic is this. Since I am still pretty new at web design I can't wait to see what happens. My kids like to laugh at their stupid dad so they go to the site. I have always forced all comments to an unpublised area then I read them and adjust them or delete them before anyone else can read them. I hoped to let the blog comments go up without this step but it looks like I may be wrong. Fortunately no one comes to my site but friends. I do appreciate this blog and I love to read the comments so do your best to keep it going. Sometimes I learn something from your replies to the comments.

Lance Fisher said on April 19, 2007

You know, I'll still read the articles if you don't have comments, but I agree with everyone here that they are quite valuable, and it would be a shame to see them lost.

Andy Kant said on April 19, 2007

@Snook
I don't think that the three comment system would really do anything to prevent "link love." It might be more effective to combine it with a white list (or automatically added to a white list until proven otherwise).

Luke Breuer said on April 19, 2007

You might be interested in checking out a forum post on SomethingAwful.com titled Forums, blogs, and spam: sifting through information. There, I (username == Victor) suggested that a sophisticated reputation system be developed, one that [somewhat] mirrors how reputation is determined in real life. This is a problem I do intend to solve, hopefully with lots of help. :-) I would like to setup a web application used to aggregate information in the near future, but I need to figure out how to deal with spam before it can be realized.

I think the next step is to consolidate the discussion above and the discussion in the thread to which I linked above; if people here are willing to discuss this further, I'd volunteer to do it.

In case this missed some of you, Jeffrey Zeldmen posted Comments are the lifeblood of the blogosphere, which seems to fit nicely with this blog post.

Dale Cruse said on April 19, 2007

I have always felt that blog platforms give short shrift to comments. As a reader there is no easy way to track a comment conversation. Sure, you can publish an RSS feed for comments, but that quickly become a bloated, inelegant solution. If we could develop a system to address this, companies like SixApart and WordPress would beat a path to our door!

Jonathan Snook said on April 19, 2007

@Andy Kant: I dunno, I think if you make it through to 3 approved comments, you're pretty golden. As it is, I use a similar system as far as how many links you're allowed to include in a comment.

@Dale Cruse: There's a service called co.mments that works really well. It's what I use anytime I leave a comment somewhere. Some sites also include email subscriptions but I don't like that because people don't unsubscribe and it's easy for spammers to spam everybody subscribed to a post.

Nathan Garza said on April 19, 2007

Little late perhaps, but I find that a large part of the value of most blog posts is the resulting conversations! Many times I've found solutions or new ideas, etc in the comments. Long live comments!

John Giotta said on April 19, 2007

Have you not tried graphical confirmation?

Ian said on April 19, 2007

@Jonathan, get rid of the URL field from posts. It has no real relevance to the article you posted.

If you post an article on the latest CakePHP hack and you're getting URL's linking to Barry's Web Design Services (under the guise of Barry Smith), it's simply not relevant to the article. And really, it's barely different from the "Ottawa Web Design Services" situation you mentioned.

I know it's nice for people to link to their site but really, it's nothing short of advertising - which in effect is what you don't want.

Jermayn Parker said on April 19, 2007

I agree with everyone hear that comments are what make blogs and that they are a must.

I use Spam karma and that works for me, I do not get a huge amount of comments as im a small fish (in a large pond) but I do not have to deal with any spam as it catches it all, it lets me know of the comments awaiting moderation.

Georges Jentgen said on April 20, 2007

Closing the comments is just like taking the flying carpet away from his rider :)

It's what drives blogs today: comments and the resulting discussions out of that. It's always interesting to have a good read (article-wise) but after that it's more interesting to read comments from other people. Especially when they contribute their own experience.

Closing comments kills the main idea of blogs and the web2.0 ;) -> yeah I said it...

Mike Hudson said on April 20, 2007

I had little faith in methods that tried to combat comment spam....until Askimet by Automattic. Nothing has got past that puppy, and if it did then simple moderation isn't too much of a hassle (I'm speaking from Wordpress experience only)...

Matt Robin said on April 20, 2007

Can I comment on this one? Yes? Cool!

I like your idea of the '3-comments and you can have your URL displayed' - that's good!

Comment spam is a shame - but it's inevitable backlash from the open communication that makes blogs so interesting too.

Good luck with the spam-fight! I hope you don't close comments too soon...

Radek Litman said on April 20, 2007

I've developed a system that uses an expanding set of regexp-based rules to filter out comments that are 100% spam (it's quite easy) and to mark other messages as suspicious. Suspicious messages are for example non-automated spam, racism, hate speech, etc...
Marked messages are read by a human operator that decides to leave a message or to hide/delete it. Repetitive offenders are banned by an IP address (if it's possible).
The site gets 300 - 400 comments almost every day (excluding Saturdays and Sundays), and there was no need to implement CAPTCHAs or some other user-unfriendly spam-fighting methods. There are usually less then 10 messages to verify each day, it takes about 5 minutes to read them all...
Unfortunately, the system is closed-source and is tightly integrated into a big cms.

Kasimir K said on April 20, 2007

1. You want to have the URL-field, so that commenters can leave their URLs, so that others can visit their sites.

2. You don't want to have the URL-field, because "link love commenters" abuse the links.

...

Hold on! 1 does not necessiate 2! Leave the URL-field, but just display the URL - don't make it a link. I think copy-pasting URLs is a small price for the luxury of commenting in the first place.

Mou said on April 20, 2007

Thats crazy talk. Half the fun of starting a blog is wondering whether people are reading it!! ;)

Jem said on April 20, 2007

Like yourself I've managed to escape a lot of spam with my own custom spam filter (based on a score using 'bad' words, the amount of URLs in a comment, etc) and for the most part it's effective. This past week though I've been hit by 10 or so spam comments a day but they don't contain anything blockable - it's getting to the point where if I add more filters I'm going to be alienating genuine commenters.

I also have had an influx of people using "bla bla Creative Design" etc as their name which I've taken to editing or deleting altogether. I already allow link love by not giving my blog nofollow, people should respect that and be a bit more discreet!

Anyway, despite this I don't see myself closing down comments and hope other people will say the same.

Fredrik Wärnsberg said on April 20, 2007

Perhaps a solution to your problem would be NOT allowing people to post a URL for their website?

Even if I think it would be a shame since I've found plenty of useful and good sites via blog comments, maybe it needs to be done?

Chris Meller said on April 20, 2007

Close comments? Absolutely not. That's the *point* of blogs... conversation.

People who just shut off comments (either entirely, or on posts older than 60 days, etc. etc.) annoy me. That's the cheap way out. Do you shut off your email address because a few spam entries get through every week? I don't think so...

There are so many tools and options when it comes to protecting blogs these days, that it just seems horribly lazy to me when someone kills comments on their blog.

Unfortunately, since you wrote your own blogging "platform", you're somewhat out in the cold there. Wordpress in particular has a number of highly effective spam-fighting plugins (Akismet and Spam Karma 2, most notably). Even though you can't actually use any of them, it may be worth a look to get some ideas on better ways to protect your own blog.

Don't take the easy way out... Sure it may take a little extra effort, but in the end having personal interactions with people through your blog is worth the added hassle of dealing with a little spam now and then.

Dustin Diaz said on April 21, 2007

I'm getting more clever spam comments by the day. I think I'm getting real people actually typing in my form, adding relevant content to the particular post, yet none the less, it's legitimate spam. It's annoying the hell out of me. You should really see some of these comments, so damn clever and somewhat believable that they could be real comments, but in the end - it's f*ing spam! It's really starting to annoy me.

Tim McCormack said on April 21, 2007

Even if you've written your own CMS, you should be able to integrate Akismet. I think they have a client-agnostic service.

JW said on April 21, 2007

You could disable the URL field on comments, but I don't think this is going to stop spam. I think most spam bots simply search the page for a textarea and put some text in it, and search an input field with a name like "website" or "url" and paste their URL there. Even without a URL field, they'll just keep posting the spam, only without a URL attached to the author's name.

The most effective solution to me up until now has appeared to be the WordPress plugin Spam Karma 2. I first tried Akismet, but after some time, spam comments started getting through. I then tried Spam Karma, which appeared to work much better. Spam Karma works in a different way: it calculates a score for each post indicating how likely a comment is spam, its "karma". Then, several modules can increase or decrease the score: more links in a comment will make its karma decrease, a comment posted only a few seconds after the page was loaded gets less karma, a "JavaScript payload" can be included in the comment form, and so on...

Spam Karma 2 also doesn't simply delete comments that are - according to it - spam (like Akismet). Because all comments have a karma, comments with a karma between a specific range can be put in the moderation queue, while comments with a karma above a specified amount will be displayed immediately, and others will be deleted. That way, I can still check comments where the plugin is in doubt manually, avoiding false positives or negatives.

Felix Geisendörfer said on April 21, 2007

Hey Jonathan, I agree with everybody who is recommending you Akismet. Since I've started thinkingphp.org it caught 70,906 spam comments until today which is about 150 / day on average (but much higher in the past months). I have to manually delete spam every 2-3 days which is acceptable to me.

To make it more compelling to you: I've written an Akismet Model for CakePHP a while ago, so give it a try if you feel like it ; ):

Jonathan Snook said on April 21, 2007

@all: just to be clear: catching automated spam hasn't really been an issue. Sure, I could add Akismet but it likely wouldn't catch any more or less than what I've been getting. Like Dustin said, it's the ones that go through the effort to create some semblance of a relevant comment that annoy me. It's the people who use names with keywords in them. These types of spam wouldn't get caught by Akismet.

They're very deliberate. They'll look for pages with high page rank and look to contribute in a relevant way. And yet, it's still spam. And these are the types of people that I think need to be dissuaded.

Derek Allard said on April 21, 2007

I specifically made sure that my links did not have rel="nofollow" because I wanted to reward people who contributed in a meaningful way, but I drew some criticism for it.

I wonder if you couldn't fight people blatantly leaving semi-relevant comments by not providing any links at all in any comments. You could always display the URL if someone really wants to follow a link.

I've noticed these types of comments on the forums I moderate as well "yes, that sounds good" is about the extent of the comment, followed by a 3 line footer touting their site. M'eh.

Mark Perkins said on April 22, 2007

This is something that has really been worrying me lately. Not just the spam comments but the increasing use of comments as a way to attack the blogger, either on professional or personal terms. A couple of prominent bloggers have had to shut up shop because of it and that is just unacceptable.

Maybe we need some sort of global registration system that requires people to provide full passport details, bank details, address, etc etc and then only allow people to comment on your site who are registered with it. Spam and malicious commenters get reported, shut out, fined or tracked down by the police....

kinda sad that such big-brother thoughts even cross my mind but that apart from something like that i can't see an obvious solution, apart from 'comments off'. A great pity.

Abu Aaminah said on April 22, 2007

Sorry if this has been mentioned already (didn't have time to read through 55 comments), but why not add additional guidelines/procedures and mention them to your viewers (at the moment, all it says is "contribute your thoughs"):

1. Separate the href from the link text. This will put people off trying to add weight to link text.
2. Tell contributors that their comments will be moderated and then set a script to delete posts which are less than X characters short.
3. Use nofollow on in-comment links.
4. Don't allow abusive comments - as soon as you read the "I think you are a..." press the delete button without reading further.
5. Show what you know about the poster at the time of posting (i.e. IP address, country, city).
6. Any others!

Alex said on April 23, 2007

I agree with Kyle, comments are what make blogs what they are. Thanks to them, the possibility for discussion is added, turning a magazine article into a blog.

This is why I believe that it will always be worththe fight to keep commentary going. Tools like Akismet are making things better.

Jim said on April 23, 2007

I used to get hammered with spam until I found the Akismet spam filter plugin for WordPress. It catches 99.5%, I would say, and the WP auto moderation keeps the rest from showing up publicly.

Jim

Bruno said on April 23, 2007

It's just an idea, but why don't you create a forum and manage everything from there? Maybe it's even more interesting for the kind of conversations that it could generate.

I think many of your readers would be willing to offer as moderators.

stephen said on April 24, 2007

If comments were to disappear, at least those interested in discussing articles have alternate options:

1. Trackbacks to your own site/journal where comments become an article in its own right.

2. Digging, Del.icio.us, etc - If you like something so much, bookmark it. Some bookmark sites restrict what and how much can be said - that becomes the linkers problem, not the article-writer.

But I must say that AKISMET is a godsend!

Beth said on April 25, 2007

I hope you're able to find a good solution. Keeping up with spam is such a hassle, for me Akismet does a great job, but it still misses a lot.

I think one of the best qualities of a blog is it allows readers to be interactive, and it's a shame some people have to ruin it for everyone. I just don't get it, I don't know of anyone ever buying anything or going to a site (not by mistake) from a spammer link. I don't see how it's a profitable business.

Steve said on April 26, 2007

I think rewarding repeat commenters is a great idea. Three is a good level to make a cut off too.

"just display the URL - don't make it a link." - This is also a valid solution although it does detract from the usability slightly.

A third option would be to leverage the community that appreciates the commenting. Add a button to each post that allows the community to mark a posting as spam. You could do a couple things with this. 1 - automatically send the post off for moderation. 2 - If 3 or more users mark a post as spam then it will be automatically hidden from the page unless moderated.

Richard said on April 27, 2007

I read John Gruber's Daring Fireball, and many a time have I thought "I'll comment on that," but haven't been able to do so due to the lack of commenting. In a way I like it - it's like reading a magazine - but sometimes not being able to voice yourself is frustrating.

Okay, so on one hand it keeps the reading material clean, but on the other it pulls apart the point of the web: communication.

I guess ever since the widespread ability to comment came about, readers have grown gradually more and more expectant of the ability to say what they want to say, 'have their bit'.

Occasionally I email John if I actually have something to say - but otherwise it's a case of keeping quiet. That and I don't want to turn into a stalker or something.

So it's up to you I think. Don't let spam take away comments, there are much more creative ways to deal with criminals than removing your front door and windows, so to speak. Comments should be part of the design of what you want to achieve, be it the magazine feel or the feeling of a community.

All the best,
Richard.

Justin Kistner said on April 27, 2007

I always deny comments from people with links to spammy lookin' sites even if the comment is good. Ok, if the comment is really good, as in it will further the discussion I just delete their site link.

I've seen a lot of site these days that don't allow links, just your name and comment.

Corey said on April 30, 2007

Why not use Akismet from Wordpress? Sign up for a wordpress.com account and you get a free API key that you can use on your personal site...it does a fantastic job...it's caught upwards of 300 spam comments on my blog only letting 2-3 slip through the cracks and without any false positives.

blinking8s said on May 01, 2007

I work on small (3000 + users) photoblog application, and we deal lot lot with users and spam issues and we're not the mos advanced of developers. It's just a fun project and it's something we couldn't ignore.

Overall akismet has been very successful, not for all users though. About 20% come back saying it only caught a small portion of their spam.

I've had very solid success in the past with a javascript check, of course if the user didn't have javascript, you had to whip up some fancy stuff to make them understand why the form field wasnt working. Most spam that attached wordpress this was successful for. I think spam may have advanced past this now, but I havent tested.

Captcha sucks...end of story

There is the token system, we are currently testing that now with the photoblog system, the staff has had amazing success but users come back with issues, most likely from incorrect implementation. I can report back on our results if you want to email me.

We wanted to fool around with a honeypot method, setting empty field into the forms, and checking if those hidden fields were empty when the comment was submitted. If they had been filled in, like spam most likely would do, then it would reject the comment. But because of the user controlled templates this was far too complex to try to push upon them.

I'm personally using akismet, and out of the last 52 spam attempts 2 got through, and they must have been manually plugged in because they talked about how nice my photo was and used gmail addresses, they looked totally legit to any form of spam protection, but the rest of the comment was about selling cars.

WD Milner said on May 07, 2007

Spam is a problem with no particular end in site and is a dynamicly evolving battle. I can understand someone wanting to turn off comments if it is becoming excessive.

That said I think many/most sites designed around the web log concept (initially just an onl-line journal) that have developed a community among their readers would be poorer for the lack of commenting ability.

In the case of a site such as this one, it can be invaluable as a palce to exchange ideas an opinions on a psoted topic.

Personally I have my comment system set for moderated comments and I don't have a problem with comment spam. My problem is few commentors (though the logs seem full of visitors). I guess I don't have a writing style conducive to interactivity. *grin*

Whatever you decide, I and many others will likely still read your articles but I think a great dimension of the site would be lost.

WD Milner said on May 07, 2007

My apologies for the typographical errors in the above post. My fingers and I are having issues today *grin*

Chris Hoeppner said on May 10, 2007

Isn't this the same story we had a few years ago with email spamm? I have never gotten a decent amount of comments on any of my sites, but I know of quite a few bloggers using Akismet very successfully. I'm working on a middleware for django, to get Akismet into my blog app.

Back to email. One day, some guy came up with something called "challenge response" and some stuff named "bayesian filter". The first might not be so elegant for a blog. You'd better off to make'em register. The second is a line about akismet, actually. A huge allready-learned bayesian mamoth. Give it a thought. Are you letting them win? Don't close comments. It would be like running away when someone's pitching at your girl.

chris said on May 20, 2007

I haven't used my own journal in a long time, since I was in the process of rewriting it and lost interest... but I have never had a spam problem. I've only ever had 3 pieces of comment spam get through and they were hand submitted. And no, I don't use a CAPTCHA because of usability issues. I do autoclose comments after a certain amount of time, but registered users can still comment (except I don't think I bothered writing a way to register.. oops).

The most effective way to combat comment spam is to use methods that no one else is using. If it's cost effective to program their way around your filter because everyone else is using it too, they're going to do it. Most spammers aren't programmers: they hire someone else to do it or download something off the shelf.

I will give away one of my secrets, though: comment throttling. Comments go through a series of filters to determine if the comment is accepted, sent to moderation, or rejected. I have a limit on how many comments can be sent to moderation. Once the limit is met, only 'accepted' comments are allowed. It is difficult for a handwritten comment to get flagged for moderation.

Even if the spammers knew how to bypass my filtering, it wouldn't be cost effective for them to write a solution to do so because mine is the only one. That is the true secret to stopping comment spam.

imagetic said on August 05, 2007

I've been hearing great things about Defensio (http://defensio.com/)

Sydney James said on November 12, 2008

8t53ao1pi1v8bue1

Sorry, comments are closed for this post. If you have any further questions or comments, feel free to send them to me directly.