I call this the “Three Strikes” Spam Prevention Plugin.
This plugin is designed to prevent comment spam from even hitting your system and leaving you with a flood of approval requests and a bunch of comments to be deleted. While dealing with some moderated comments on my system, I started to realize that most of the REAL Spam could easily be categorized as delete fodder by a “fuzzy” points system. In toying with the idea and testing the various scenarios, I have put together a plugin that keeps tracks of the “strikes” of a comment and then prevents the comment from ever getting into your database and making more work for you.
Here are the possible strikes (so far in the beta):
- Every SpamWord (default WordPress) match within the comment is a single strike
- A greater than allowed number of links inside a comment is a strike
- A match between the commenters’ IP and a SpamWord IP is a heavily weighted strike
- An empty referer field for the posted comment request is a strike
The strike system can be configured to be aggressive or moderate by a simple value change. I have it set at 3 and it seems to work well at that level. Higher numbers = more moderate spam checking (less spam gets deleted). Various users might have to play with that value to see what works for them.
Once a commenter/comment is determined to be “Struck Out”, they are redirected to (by default) the FBI site. This redirect site can be configured in the plugin as well.
The plugin can be downloaded here. Please post suggestions and bugs.
Installation is very simple. Just copy the plugin to your wp-content/plugins directory and activate through your admin interface. I suggest the use of a more moderate spam checking (SpamThreshold greater than 3) and the use of Kitten’s Spam Words for the first few days/weeks till you have some spam words filled up. The more robust your Spam words, the more effective this plugin.
[EDIT] For a method to get notified of Spam when it gets bounced, check out this comment.
[EDIT] 10/3/04 – There is a small bug in this plugin where the WordPress comment approval/delete was borked because of this plugin. To fix the problem, just download the plugin again and copy it to your plugins folder. In other words, the problem has been fixed in the download.
[EDIT] Now with Trackback checking built in.