How Comment Spam Works

One hears a lot about the comment spam problem, especially for people who are on Moveable Type (pre-MT 3.0) and WordPress. I haven't heard about whether it's a problem with Blogger as well, or with third-party comment applications like HaloScan. If not, I presume it soon will be, for anyone with open comments.

This article in the UK Register (which I came across through Kaush, who has been forced to close down comments on his blog) explains what Comment Spammers are trying to do (improve search engine rankings), and how they do it: PHP scripts and Open Proxies (meaning, unprotected servers on the internet). The Open Proxies allow them to mask their IP addresses to get around blocks, and they say they don't use hijacked PCs to spread spam the way email spammers do. It was also interesting to me to learn why blog spammers turned to this technique -- the old 'link farms' became obsolete after Google's search algorithm learned to spot "nepotistic" linking (the "Florida Update," as it is called for some mysterious reason).

Many of the blogs I read now have "captcha" tests, to make sure that human beings are posting comments, not spammers. But even captcha tests, according to this interview, can be solved (something about Unix's curl command...). Yikes.