Block Spam Using Math

On a normal day, I usually get over 1000 spam comments on my blog. Although I don’t have to delete the spam, it still takes up resources in the database. By the way, Akismet deletes all spam comments after two weeks. This gives the blog owner time to recover if a valid comment was mistakenly classified as spam.

If you really want to cut down on spam comments, you can implement Captcha. But lots of people hate Captcha, including myself, especially the ones that are unreadable. What is more frustrating than trying to guess a mangled captcha only to be thwarted again and again because it’s unreadable? Enter a solution using simple math.

So, I decided to install a WordPress plugin called Block-Spam-By-Math. The plugin adds a custom field to the comments form by posting a simple math problem. Anyone who passed at least first grade should be able to answer the addition problem. After all, 8 + 2 = is not that difficult to solve.

Automated bots that send spam will have problems submitting past the math problem, unless the bots become sophisticated enough to read text and solve the math problems themselves. It sounds like a whole lot of trouble, just to add that feature to send spam.

At least temporarily, spam has been cut down to almost zero. Now, I just have to deal with humans who send them. And that’s infrequent compared to bots.
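How a math challenge of this kind can be checked on the server, as an added example (this is not the Block-Spam-By-Math plugin's code, and it is in Python rather than the plugin's PHP). The secret key, the 10-minute lifetime and the function names are assumptions made for the illustration; the hidden form field carries a signed token, never the answer itself.

```python
import hashlib
import hmac
import secrets
import time

SECRET = secrets.token_bytes(32)  # assumption: per-site key that never leaves the server
MAX_AGE = 600                     # assumption: a challenge is valid for 10 minutes


def _sign(total: int, issued: int) -> str:
    """HMAC over the expected sum and the issue time."""
    msg = f"{total}:{issued}".encode()
    return hmac.new(SECRET, msg, hashlib.sha256).hexdigest()


def new_challenge(now=None):
    """Return (question, token); the token goes into a hidden form field."""
    issued = int(time.time() if now is None else now)
    a, b = secrets.randbelow(9) + 1, secrets.randbelow(9) + 1
    return f"{a} + {b} =", f"{issued}:{_sign(a + b, issued)}"


def check_answer(answer, token, now=None) -> bool:
    """Accept the comment only if the answer matches the signed, unexpired token."""
    now = int(time.time() if now is None else now)
    try:
        issued_s, mac = token.split(":", 1)
        issued, total = int(issued_s), int(answer.strip())
    except (ValueError, AttributeError):
        return False  # missing field, non-numeric answer or malformed token
    if not 0 <= now - issued <= MAX_AGE:
        return False  # expired or future-dated token
    # Constant-time comparison of the submitted MAC with the recomputed one.
    return hmac.compare_digest(mac.encode(), _sign(total, issued).encode())
```

A token and its answer stay valid until they expire, so a site that wants each challenge to be single-use also has to record the tokens it has already accepted.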

Emptying Spam

My new favorite function in the WordPress Admin is Emptying Spam, which you’ll find under the Comments section. There is nothing so satisfying and gratifying as this particular function. The latest click resulted in the trashing of 2019 spam comments. That needed a quick celebration.

Charging For Spam

Spam seems to be everywhere. I thought about all the spam I’ve received since I started blogging. If I had charged a dollar per spam, I’d be a rich man by now. My current spam count is at 323,460.

My Akismet stats indicate that 99% of all my comments are of the spam variety. It’s a well-known fact that 95% of email is spam. Spam takes up a tremendous amount of hardware resources from CPU, memory and storage.

To fight back for resources lost, all bloggers should start charging spammers for every spam sent. Spam comments will be allowed to stand if a spammer has paid for them. All unpaid spam is deleted.

The question is, will there be enough spammers willing to pay for premium spam?

Turning Off Comments Older Than 14 Days

I have decided to turn off all comments older than 14 days due to the inordinate amount of spam comments I have been receiving. Hopefully, this will cut down on spam considerably, maybe by a hundredfold. At least, spam bots can no longer target one specific post since older posts are automatically closed after 14 days.

By the way, I’m using a plugin called ‘Close Old Posts’ by Matt Mullenweg. Works great.

Update: The ‘Close Old Posts’ plugin that I’ve used above technically does not really close old posts from the database point of view. It just disables the comments from being used and viewed. If you really want to close all comments older than 14 days, the better option is to go to your Dashboard -> Settings -> Discussion and close it from there.

ReCaptcha

Captchas may not be enough to stop spam. Enter Recaptchas.

With bots getting intelligent enough to read easy versions of captcha, it’s time to make your site a little trickier if you want to avoid spam. This article will show you how to set up a PHP web form with AJAX that uses Recaptcha, a more difficult protocol for bots to decipher.

Read the article.

Spamming for Dollars

The main reason spam is around is money. Spammers can potentially rake in millions of dollars. The Storm botnet rakes in an estimated $3.5 million annually. Seems like easy money? Well, not quite. The conversion rate for spam is minuscule; spammers have to send out in bulk to get results. UCSD and the International Computer Science Institute shared their findings:

“Research reported 569 conversions on close to 500 million spam messages. They sent three different kinds of messages, two of which were similar to the spam the botnet uses to propagate. A third message contained faux pharmaceutical spam similar to how the botnet makes money. The researchers sent 347,590,389 pharmaceutical spam messages which generated 10,522 site visits and 28 sales — conversion rate of 0.0000081 percent.”

Sounds inefficient to me, but if you consider that 85-90% of the worldwide email is spam, then you finally get to see the whole picture. Of course, spam spawns other effects in the IT infrastructure such as increased storage, the cost of anti-virus software and the hiring of security staff. Come to think of it, the IT cost attributable to spam alone is massive.

Delinking Spammers

Spam seems to be everywhere. It’s in your email, blogs, social networks and even text messages. Spammers are getting creative in terms of getting around spam blockers, captchas and even fooling unsuspecting bloggers like myself.

A typical comment such as “Great post” or “Great article” or “I’m a little confused about what you wrote” or “Can you explain what you meant by this” doesn’t seem harmful. Some even manage to make intelligent comments. But if you look at the author’s link, it’s a dead giveaway.

I usually smell comment spam from 100 miles away because of the author’s link or website. If the commenter’s website is a non-personal or non-blog website, I usually remove the link, but I let the comment stay if it’s within topic.

The main reason comment spammers leave comments on blogs is to promote their own businesses, blogs, sites, etc. by means of a link back. Spammers are merely trying to improve their search rankings. One of the things I have been doing to fight this type of comment spam is to delink the spammer’s link.

Comments may seem legit and even make sense, but the commenter’s link is removed. I use Delink Comment Author by Alex King, an excellent WordPress plugin, to delink comments.

All it takes is one click of the mouse. It’s very effective.

Spam Blocked By Akismet

I’m just wondering why my Akismet spam blocked count was reset several weeks ago. I had over 33,000 spam blocked back on January 30th, 2007. Prior to that I had over 22,000 spam blocked back on December 27th, 2006.

Now, my count is at a lowly 12,533. Does anyone have an explanation as to why these numbers shrank? Where is the count being kept? The wp_options table? I have to take a closer look at this. I’m curious more than anything.

Keeping SPAM Out

Here’s a good article about spam from Information Week. Her last point was eye opening to me. She makes a very solid point.

Don’t open spam. Many pieces of spam contain HTML code which will open a connection to a Web server operated by the spammers. When you connect, you have verified that you opened the message. That informs the spammers that they have a good e-mail address, which — you guessed it — results in them sending you even more spam. Delete spam without opening it. Therefore, don’t use your e-mail program’s preview pane. Previewing spam is the same as viewing it.

Therefore, leave your spam messages untouched. Just delete them.
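The mechanism in the quoted advice can be checked on a message body without rendering it. As an added example (not from the Information Week article or this blog), the Python code below lists the elements in an HTML mail body that would make a mail client contact a remote server when the message is displayed; the sample message, its hostnames and the function names are constructed for the illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit

# (tag, attribute) pairs a mail client fetches as soon as the HTML is rendered.
AUTO_FETCH = {("img", "src"), ("iframe", "src"), ("link", "href"),
              ("body", "background"), ("table", "background"), ("td", "background")}


class RemoteFetchFinder(HTMLParser):
    """Collects (tag, host, has_query, tiny) for every auto-loaded remote URL."""

    def __init__(self):
        super().__init__()
        self.hits = []

    def handle_starttag(self, tag, attrs):
        sizes = dict(attrs)
        for name, value in attrs:
            if (tag, name) not in AUTO_FETCH or not value:
                continue
            url = value.strip()
            parts = urlsplit(url)
            if parts.scheme in ("http", "https") or url.startswith("//"):
                # A 0x0 or 1x1 image is the classic invisible "open" beacon.
                tiny = sizes.get("width") in ("0", "1") and sizes.get("height") in ("0", "1")
                # A query string is where a per-recipient identifier usually rides.
                self.hits.append((tag, parts.netloc, bool(parts.query), tiny))


def remote_fetches(html_body: str):
    finder = RemoteFetchFinder()
    finder.feed(html_body)
    finder.close()
    return finder.hits


# Constructed sample: one beacon, one inline (cid:) image, one ordinary link.
SAMPLE = """<html><body><p>Cheap pills!</p>
<img src="http://tracker.example/open.gif?id=abc123" width="1" height="1">
<img src="cid:logo@local">
<a href="http://shop.example/buy">Buy now</a>
</body></html>"""

if __name__ == "__main__":
    for hit in remote_fetches(SAMPLE):
        print(hit)
```

Only the first image is reported: the `cid:` image is embedded in the message itself, and the link is fetched only if the reader clicks it.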