Fighting Comment Spam

Steve Kirks reports that Userland is actively developing some countermeasures to the spam problem. Been there, done that. Here’s what is included in my current package:

Link Moderation
Good idea, bad result. I thought that moderating links rather than comments would allow comment threads to progress while preventing spam. Unfortunately, the spam-master didn’t seem to care about not getting links.
Link Blacklist
I reject comments that link to sites on my blacklist. This has been very effective, but it requires periodic blacklist maintenance (I really need to add support for the MT-Blacklist blacklist).
Link counts
I reject comments with more than three links. This has been in place for the past week. I haven’t had any comment spam in that time, but I don’t know whether the blacklist or the link count is responsible.

Ideas that I discarded after studying my log files:

IP Blacklist
My comment spam came from dynamically allocated ISP addresses. I wasn’t willing to blacklist the entire network block.
Duplicate Rejection
My comment spam had minor changes from spam to spam. It was obvious to the eye that they had the same source, but the primary point of similarity was the sites they linked to.
IP Throttle
My comment spam came from multiple sources in rotation. While I might be getting one per minute, it could be as much as 20 or 30 minutes between spam from an individual IP address.
My comment spam appeared to be manually submitted. A weblog page would be retrieved, then the comment form, and finally the comment would be submitted (rather than directly submitting to the comment server).