So, I have some pretty basic guards in place to try to head off spam in the comments without requiring CAPTCHA, but it’s working overtime and not really catching most items. One of the easiest ones to do is simply counting links (or even attempted links) and if they meet a threshold, they’re marked as spam. Another easy one is to look at the IP’s they’re coming from and ban them. IPs aren’t the best way as they could end up blocking a legitimate user, but for now that’s what I’ve got.
What I’m seeing is bursts of single line spam with one link to http://mk93l.asd28aki.com (just a bunch of random characters) which I can only assume they’re hoping for accidental clicks as nobody in their right mind is going to click on a link that looks like a PERL script gone bad. The problem with these is that they all seem to come from different IP addresses, all within seconds of each other. Hard to stop that.
The other spam that makes me scratch my head is what I call “Joanne Peterson Comments”. They’re word salad. They *almost* make sense and even tend to be topical as I assume the scripts read the post and then go look up actual conversations to try to get by spam filters. What’s odd about these are there’s no links in them, generally only the user’s website (which tends to be a Facebook account).
That’s a LOT of effort for very, very little return. I guess it’s one of those “one click-through and you’ve made your money for the day” kind of things.