The spammers are winning. Time to fall back and re-trench.
First, let me give credit where credit is due. The spam filters are doing their job remarkably well. Since I put them in place, they have caught and filtered out 5,682 of the 5,934 pieces of spam to be sent my way. But:
- This still means that a dozen or so pieces of spam make it through the filter each time they blast me. Not a big deal, but it's a little annoying to have to manually delete spam every other day.
- Much more importantly, I've been told that the spam filters have trapped and quarantined legitimate comments. This cannot be tolerated...
So what do to? My original goal was to make commenting as easy as possible, and to therefore have no sort of log-in or CAPCHA required. That isn't working out, it seems. Expect anonymous comments to suddenly start requiring a CAPCHA at some point in the near future. To minimize the inconvenience, however, I will allow readers to create accounts on this site which, in turn, will allow them to avoid CAPCHAs any time they are logged in. And at least one of you will be glad to hear that Drupal has OpenID built into its core functionality, meaning (I hope) that those of you with OpenIDs can just seamlessly use them here.
So why am I not doing this right now? Well, I want to set this up on my test-site first, and make sure that I've got everything working and suitably locked down. At my current rate of blog-related activity, that should only take.... four and a half years. But I'll see if I can rush this along so that we can stop blogging about spam and return to blogging about spam research.