Welp, while Bill deals with his blog SPAM across town, I’m dealing with plain old email SPAM instead.
Looks like someone’s decided to go through and harvest email addresses from one of my websites. After being virus laden email free for countless months, last night I received at least 6 different W32.Mytob.DF@mm virii at my email@example.com address. I think one of the only places I use that address is on this blog… I’m not sure if I should feel honored that they snagged it or not.
Bill also linked to another post about a Coding-related Wiki getting taken down for approximately an hour so the database could be scrubbed of all SPAM. The author is asking for any advice you may have.
I’m too busy to delve too deeply into the matter, but I wonder what lengths he’s taken thus far. There are several different approaches he could take. The easiest to implement that would also require the least maintenance would be a simple registration system. If just a basic registration system doesn’t work, how about one of those god awful “type what you see in this image” things? Those are designed to prevent SPAM, right?
Several of the Blog software vendors have also added the ability to require approval for a user the first time they try to post. Seems like a tad bit more work than the previous suggestion, but it should also help cut down on SPAM nearly 100%. I imagine most of the casual SPAMers aren’t going to register, then post a legitimate comment, and THEN start randomly spamming your site.
Other more difficult ideas would be to implement a total moderation policy. Perhaps a community-driven moderation system would help to eliminate some overhead for the administrator or moderator(s). You could also create a simple IP-blacklist utility with varying degrees of severity. You could totally block them from your site using something as simple as an Apache module (but I think this guy is a Windows coder, so he’s probably running IIS), or code it into your pages. Let a known spammer only view content, not author any changes. Knock out a couple dozen IPs and you’ll probably kill off a lot of the SPAM.
I know my blog isn’t nearly as popular as many of the others I read, but I just don’t see that SPAM is that big a deal these days. There are so many options out there for a web-based project to utilize to combat SPAM that it seems almost pointless to give up on it these days. Sure, some of them require a little more effort on your part than others, but particularly for a community-based Wiki, you should be able to get help in moderation from some of your more loyal users in managing the system.
Bottom line: if you love something enough, you’ll be willing to put a little extra effort into it to implement a SPAM-fighting system.