[wp-hackers] New(?) anti-spam technique

John Watson johnw1 at gmail.com
Thu Oct 21 20:06:20 UTC 2004 

On Thu, 21 Oct 2004 15:48:47 -0400, Mark Jaquith
<mark.wordpress at txfx.net> wrote:
> Good idea!

Thanks!

> But the main thing throtling the comments here is the 3
> seconds variable.   I think that's way too low.  How many humans are
> posting a comment 3 seconds after loading the entry?  Even if their
> posting info is already saved in a cookie,  3 seconds is fairly slow.
> 
> I think you could move that 3 seconds up to at least 10 seconds.
> Sure, once in a while, someone is going to want to post a quick "Agreed!
> Good post!" comment, but one way you could help them out is to use
> javascript.  Start a JS timer when they load the page, and make an
> onClick() for the comment submit button.  If it hasn't been long enough,

I thought about this too.  I arrived at 3 seconds by typing "cool!" as
quickly as I could into a comment form and 3 seconds worked for
allowing that in unmoderated.  I agree it could be raised without
affecting too many people.  As for the javascript idea, I considered
that as well (I was thinking of letting them click the button any time
they like but the button would grey out and wait for the required time
before actually submitting the form) -- BUT I didn't implement it in
my example because I didn't want to moderate comments from people who
post quickly just because they have javascript turned off.

> The only thing that might cause trouble for humans is the upper time
> limit.  Some posts are long, and people read the comments before leaving
> a comment themselves.  Also, some people load an entry and leave it for
> quite some time before commenting.

This occurred to me as well... the min and max times that define the
window could be configurable... But, the worst case is that some
comments will be moderated.  You could still look through your
moderated comments and manually post the ones that weren't spam.  I
say that they *could* be configurable because a high upper limit
actually helps spammers who can adapt to this technique and this
anti-spam method requires widespread adoption if it's really going to
have the intended effect of slowing down overall spam per second.  In
other words, if it was configurable and too many people had the limit
set too high then it is not as effective.

More information about the hackers mailing list