Comments on: Spam, Spam, Spam

By: Will

Will — Mon, 03 Dec 2007 10:41:21 +0000

That sounds pretty good! I’d be quite happy to see some bandwidth and load saving. I’m still getting spammy pingbacks so I’ll definitely take a closer look at BB.

By: SarahG

SarahG — Mon, 03 Dec 2007 09:04:12 +0000

I’ve put Bad Behaviour on 3 blogs and not seen a problem yet. My bandwidth did drop on my main domain by about 40%, whether it was tied in with that or just one of those strange occurances I don’t know!

WP spam is dealt with by Akismet fine, however I prefer to try and stop the bots submitting their spam in the first place so I also rename my comments file and run BB to help. Comparing my server to external stats shows about 50% of my ‘visitors’ are not loading graphics so I’d imagine a good portion of these are bots, eating away at my bandwidth!

Will have to try your hidden input field out and see how it fares

By: Will

Will — Sun, 02 Dec 2007 22:58:41 +0000

Well, the hidden form field is accessible, but needs some meaningful text to prevent people just filling it in randomly if they happen to be accessing the form without CSS e.g. by screen reader.

I’ve had success with using character entity encoding email addresses so they’re obfuscated within the source code, but rendered just as usual in a web browser (works in Lynx too).

Technically, it’s possible that email harvesters could decode them, but so far the addresses I’ve encoded haven’t been spammed and even if they were, that’s only the first layer of defence!

I’ve just taken a quick look at Bad Behaviour and it looks interesting. How have you found using it so far?

For WordPress, Spam Karma 2 deals with virtually all of my comment spam, but recently a few trackbacks from splogs have been popping up so I’ve blocked their IPs.

By: SarahG

SarahG — Sun, 02 Dec 2007 21:27:15 +0000

My forms are usually pretty much spam free (well the modern ones are, the older ones still need updating with spam prevention methods!). Various checking for spam words, checks on input and ensuring that’s what is received is what is expected etc. I usually use the sum method if a client asks for a security question to be added to their form, of course it’s still not deemed 100% accessible but it’s about the best solution around at present.

As for displaying an email address on a page. It needs to still be accessible. I have had an email as an image and the alt text just ‘reads’ the email address out (sales at wherever dot com) but of course this method is still probably picked up by spam bots as it’s so widely used it’s most likely coded into them by now!

Have you ever looked at ‘Bad Behaviour’? I have it running as a WP plugin to stop the known bots from hitting my blog, however I do believe you can download a standalone version to run on any site.

By: Will

Will — Sun, 02 Dec 2007 18:03:56 +0000

Sarah, there are ways to encode an email address and still have it display properly in a web browser in plain text although as I understood it, the requirement is only to display an email address, but not in any particular format.

If you are an online business, you must display:

* general information about your business – including business name, address, email address, VAT registration number (if applicable)

One of the things I like to use in contact forms is a hidden (using CSS), empty field. Most spambots will simply fill in every field in a form including hidden ones so when it comes to processing the form contents you’ll know to discard any that have the empty field populated.

Also, I find simple questions such as “2 + 2 = ?” or “what is the third letter in the word ‘blue’?” work quite well.

By: SarahG

SarahG — Sun, 02 Dec 2007 15:22:13 +0000

Unfortunately as a Ltd company or VAT registered business (in the UK) you need to display a plain text email address, so that will always be picked up by spammers. I’ve also yet to find a fully accessible captcha, and to be honest have problems with them myself if I’m not wearing glasses!

Mailwasher is however a fantastic program. I’ve been using it for about 4-5 years now and you can’t fault it. Whilst I may still suffer from spam, at least it never actually reaches my computer!

By: Will

Will — Sun, 02 Dec 2007 11:34:52 +0000

I think you’re right; there isn’t a single product that can filter out spam completely, but by combining several layers of defences I’ve found that spam just isn’t something that bothers me any more.

What form of filtering do you have in place?

By: SaBusinesswarrior: Internet Marketing for Small Business

SaBusinesswarrior: Internet Marketing for Small Business — Sun, 02 Dec 2007 10:41:07 +0000

Despite the best efforts being made to avoid spam, I find that I still have to cope with it on a daily basis. i do not believe that there is one single product that can eliminate spam completely. The best spammers must be the webmasters of adult sites. I find that they employ a number of techniques to bypass filters and appear to be quite good at it. Does anyone have an answer to them?