Reading of old comments, and navigation of my blog (through the blog matrix found on the writings page) is now possible. I don’t have all the fancy navigation stuff that I did before, but I’m working on it. I also haven’t yet come up with that alternative comment posting solution that I intend to.
I’m thinking the following might be reasonable, if a bit harsh, good rules of thumb, and also easier to implement than some of the more elaborate schemes that I’ve devised in the past – but also harder for comment spammers to circumvent:
1) commenting requires a browser with cookies enabled
2) all comments _must_ be previewed
3) no comments with identical comment text
and then what I consider the set of 5
4) no more than 5 comments per new e-mail address per day
5) no more than 5 comments per IP address per day
6) no more than 5 comments per new author name per day
7) no more than 5 comments per new author url per day
8) more than 5 new IP addresses for comments in the previous 24 hours means _all_ comments (not blocked by the above) go to the moderation queue
and two more:
9) any comment with a link in it is sent to the moderation queue
10) a moderation queue that contains more than 20 comments-to-be-moderated triggers site-wide comment disabling (with a “we might be under a spambot attack” message) until I’ve managed to moderate them
Note that 1-7 would block comments period. (1) requires a sophisticated spambot. (2) requires an even more sophisticated spambot. (3) will prevent certain spambots (some do put random strings in every different comment). (4-7) result in absolute throttles that I think most people can live with (I may eventually implement something more sophisticated that allows exceptions for IP addresses with “good behavior” in the distant past that also match author url and e-mail and have no links in them). (8) is a limited (and perhaps excessive) way of dealing with the massive distributed spambot attack, where lots of zombies are sent to spam all at once. It is my crude admission that perhaps my IP deny skills are too slow. (9) is to ensure that comment spam will not even temporarily be effective. (10) is to ensure that my moderation queue is not flooded.
I know that those numbers of 5 and 20 and whatnot will not work for everyone – but I think that they’re reasonable for my site.
I’d ask “so, what do you think?” but you can’t leave a comment here. Feel free to send an e-mail or to trackback (eventually I’ll have to worry about trackback spam, I know). Visit the contact page for contact information. (Yes, I have an e-mail address there. Yes, e-mail spam harvesting bots have gotten it already as of now.)