[spam-stopper] New plugin version

Tue Oct 17 11:07:01 UTC 2006

Hello,

On Monday, 16. October 2006 18:17, Sebastian Herp wrote:
> Matt Mullenweg wrote:
> > Don't blog or talk about this yet, but there's a new version of the
> > plugin available for download. Big changes?
> >
> > * Paging on the caught spam page
Sounds good. :-) But as Mark wrote: "Delete All" shall be renamed to "Delete 
All In This Page" or something like this. ;-)

> > * A 'recheck queue' button on the moderation page
Again, sounds good. Sometimes the software "a" is better than "b" because "a" 
has lots more detailed options.

> >
> > I'm curious to know what you guys think of these, if there are any
> > other big needs you see in the WP plugin, and if you run into any bugs.
Which plugin btw and where can I download and test it for you?

>
> Sorry for replying this late ;-)
I'm also a little late... ;-)

>
> I am using Akismet together with Spam Karma (via sk-plugin). While I
> think the combination of both is near perfect for fighting spam, but
> there are still many (most) people out there using only Akismet. Don't
> get me wrong ... Akismet alone works pretty well, but sometimes it flags
> comments as spam which are cleary ham and the way around.
Akismet is a content filter, not a all-in-one filter. Spam attacks can be 
stopped in many ways:

- Content filtering and analysing (Akismet, SK2-F)
- IP/hostname filtering against live blacklist services
- "Heuristic filtering": The spammers are not perfect in hiding so there is a 
chance to fully discover them (only one POST request to wp-comments-post.php 
w/o any other requests: gray-/blacklisting may help here)
- Request filtering with authorization code inside the script's name. See my 
blog for details about my CPR plugin (Comments Post Rewriter)

> It can become a real problem if the amount of spam on your blog is very
> very high ... I never look at the list of caught spam, because I would
> have to oversee hundreds of comments each time. Thus real comments
> incorrectly flagged as spam might never see the light :-(
I have also a commenter here who got always blacklisted by SK2. Well, for my 
blog I don't have so much spams. :-) But I already saw a blog with tons of 
spams. :-(

>
> An relatively easy way to further enhance Akismet (if in the use without
> Spam Karma) would be to never ever flag (or even check) a comment as
> spam if it was written by a registered user! Another good thing would to
> check the new comment against old comments. How often does the "new"
> user/mail/url combination exist in either collected spam (moderation
> queue) or ham (all comments) and how recent are these appearances? This
> could be uses to "weight" the comment. I do not want to see a single
> comment of a regular commenter flagged as spam, no matter what he/she
> writes or links to!
Hmmm, you may give your regular posters unlimited posting capabilities but 
what about a splog owner who registers with your blog? It might be an idea to 
implement a way of automatic gray/white-listing here:

1. When the user registers he/she is graylisted and his comments are filtered 
by all (!) anti-spam plugins.

2.) When e.g. he/she has posted too much spam (by the blog owner has marked 
too much as spam) he/she got blacklisted and the admin bans him/her.

3.) In other way - he/she is posting fine comments - the account becomes 
automatically whitelisted (but only when there was no plugin or admin who has 
marked even a single comment as spam).

This might be a nice approach to a trust-model like PGP is already using.

Person A knows that person B is a non-spammer. Person C trusts person A and 
when person B is posting a comment on person C's blog his comment will be 
listed as "trusted".

This surely requires a "per-user-trust-center" (but still with de-centralized 
servers) where all our identities are stored.

Or what about integrating PGP into WordPress?

Just mny thoughts I want to share with you. :-)

Greets,
Roland

-- 
(GNU) PGP ID: 0x8C8859B9

Weblog:
http://blog.mxchange.org