WordPress, Matt Mullenweg and Spam
Last week Patrick, Arjen and me went out for sushi with Scott Rafer and Matt Mullenweg. We spoke a lot about WordPress and didn’t try to hide the fact that we are huge fans of the whole platform, and Matt.
All our blogs and some of our website are using WordPress (Meganova and even The Next Web Conference). We also use Akismet for stopping spam and asked Matt to talk about it a bit.
He told us about how Akismet started, that it is one of the four things Automattic makes money on (the other three being Subscriptions, Advertising and Services) and that he is currently the only person working on the system.
One of the stories he told us was about a particular kind of spam. We all hate spam but when he spoke of this version he almost seemed to admire the people who made it.
Almost, but not quite.
This particular spam is a comment spam which consists of a real Hotmail of Gmail address, it contains no hyperlinks and only a compliment. It will say “Great post!” or “Thanks for the information, very useful“. And only one in a hundred messages would actually contain a URL.
At first Akismet was very good in picking out even this kind of spam. But then something happened that they didn’t anticipate.
Akismet learns. It learns because it is constantly being trained by people who either mark comments as spam or ‘unspam’ messages that Akismet accidently marked as spam. The problem with this particular kind of spam was that people actually liked the comments and compliments. If you get 10 visitors a day and not many comments and suddenly you get a few anonymous compliments you don’t think even want to consider that they might be spam.
So people started to mark those spam messages as not being spam and by doing that they were collectively training Akismet to see these messages as real comments. It didn’t take them long to fix this issue and Akismet is getting better every day. If you haven’t tried Akismet yet I encourage you to do so.
Besides Akismet this blog also uses two other WordPress Plug-ins to successfully battle comment spam:
Bad Behaviour stops all malicious attempts to access my blog. This is saving bandwidth and processor time.
The other one is a simple CAPTCHA plug-in named Custom Anti Spam. This stopped all spam. It allows you to set the CAPTCHA words yourself. I set it up to only say ‘boris’ to keep things simple.
That was enough to stop 100% of all comment spam.
I use Akismet & Bad Behaviour … It’s true that they work very well together with akismet filtering what BB let goes
Great post!
Hi Boris,
Good to learn about the other tools beside Akismet (did you ask where the name came from?). I didn’t know about Bad Behaviour, and installed a “comment auto closing” plugin to get rid of literally hundreds of spam messages sent daily to some very old blog posts.
BTW, I enjoyed your reports about the Valley, reminds me of long ago (before the bubble burst), how energizing this environment can be!
The only Spam I like comes from a can.
What is the motivation for sending it? You mention there was no URL in the post, etc, and it just says “Great post!” or something.. but if there’s no link or benefit to the spammer, why would they automate lots of posts like this?
Peter : that’s easy : everyone marks the email addresses as “non-spam” and one day the guy gonna come back , use this white-listed ( or almost ) email to massively spam blogs but this time he’ll use urls in the posts
Akismet wont even react :)
Ohhh.. I should have engaged my brain first ;-) I see now, thanks! That’s a pretty cunning plan.
Nice post Peter
( :D )
@Peter: Matt explained that only one in a hundred messages would actually contain a URL. By sending millions of spam comments that would be enough to get some traffic. But Conzague has a point too.
My name is more likely to be something like ….Gonzague ;)
But yeah the technique consists in creating a good reputation for the email so it can then be used to spam a bit
Sorry about that Gonzague! I hate it when they spell my name wrong too…
Your is more complicated than mine so i’ll keep calling you Boris ;)
Oh…In a few minutes i’ll post a few pics about our Barcamp in Paris (co-organized by Yahoo & Ziki ) if you wanna see. I’ll add them to my flickr soon btw
Hey, you have a great blog here! I’m definitely going to bookmark you!
I have a http://www.evodown.com/vb
Come and check it out if you get time
Weel done, great blog and great posts!!!
That is absolutely hilarious. It is like the thief saying Good Dog to the Security Fido and giving him a doggie cookie, so that whenever the thief shows up, the Dog will lick his hand and give him a free pass.