Come to think of it, what I’d like to see in comment spam detection next is this algorithm: whenever three comments are submitted within an hour, and all three contain the same URL, add the full hostname in the URL to the spam filter list and notify me.
Yeah, it’s open to denial of service, but it’s a weak DoS in that anyone who’s denied service can get around it easily by not posting URLs with that hostname. And there are significantly more spammers than there are people carrying out DoS attacks on my comments.
4 Comments
I’d worry about the frequent commenter to your blog who has their personal URL saved in the URL field, who just happened to be moved to comment several times in an hour — but I hear you. 🙂
Heh. True. It’s a better solution for me, who doesn’t get many comments… I could screen out a lot of spam by just looking at the text field, mind you, and not the URL field. Hm.
Sounds like an awfully good idea. And simple if you only look in the text comments.
The only commenter who posts multiple times in an hour is me, and I don’t have a URL.