As we get more traffic, we've also been getting some comment spam, and apparently
Paul Lockwood is as well.
We've had a few ideas between
Nathan,
Russ, and I of how to stop it, but haven't
gotten around to implementing any of them.
Assuming the spammers make comments by just submitting HTTP requests from a perl script or something,
we thought of a relatively easy fix. Add some new hidden fields, and have the server read from those hidden fields,
and then have some javascript to copy content from the existing text fields to the hidden fields onsumbit. The only
hassle there is is the spammers learn what the hidden field names are, and adjust their perl scripts. To combat
that we'd have to dynamically generate hidden field names, which could be tossed in viewstate without too much fuss.
Then the spammers would have to do web crawling, instantiating and controlling a browser so they could get the names
right.
One bad thought we had was to integrate
SpamBayes, the excellent,
excellent spam filter that you should really be running if you use Outlook. Seed SpamBayes with good comments, then have
it show/hide comments according to its statistics. Then there would need to be a section in the admin for you to
train the thing, but its certainly doable.