WordPress, Matt Mullenweg and Spam

May 11th, 2007

WordPress, Matt Mullenweg and Spam

Last week Patrick, Arjen and me went out for sushi with Scott Rafer and Matt Mullenweg. We spoke a lot about WordPress and didn’t try to hide the fact that we are huge fans of the whole platform, and Matt.

All our blogs and some of our website are using WordPress (Meganova and even The Next Web Conference). We also use Akismet for stopping spam and asked Matt to talk about it a bit.

He told us about how Akismet started, that it is one of the four things Automattic makes money on (the other three being Subscriptions, Advertising and Services) and that he is currently the only person working on the system.

One of the stories he told us was about a particular kind of spam. We all hate spam but when he spoke of this version he almost seemed to admire the people who made it.

Almost, but not quite.

This particular spam is a comment spam which consists of a real Hotmail of Gmail address, it contains no hyperlinks and only a compliment. It will say “Great post!” or “Thanks for the information, very useful“. And only one in a hundred messages would actually contain a URL.

At first Akismet was very good in picking out even this kind of spam. But then something happened that they didn’t anticipate.

Akismet learns. It learns because it is constantly being trained by people who either mark comments as spam or ‘unspam’ messages that Akismet accidently marked as spam. The problem with this particular kind of spam was that people actually liked the comments and compliments. If you get 10 visitors a day and not many comments and suddenly you get a few anonymous compliments you don’t think even want to consider that they might be spam.

So people started to mark those spam messages as not being spam and by doing that they were collectively training Akismet to see these messages as real comments. It didn’t take them long to fix this issue and Akismet is getting better every day. If you haven’t tried Akismet yet I encourage you to do so.

Besides Akismet this blog also uses two other WordPress Plug-ins to successfully battle comment spam:

Bad Behaviour stops all malicious attempts to access my blog. This is saving bandwidth and processor time.

The other one is a simple CAPTCHA plug-in named Custom Anti Spam. This stopped all spam. It allows you to set the CAPTCHA words yourself. I set it up to only say ‘boris’ to keep things simple.

That was enough to stop 100% of all comment spam.

Filed under Business, Developing, Food, Innovation, Inspiration, Programming, Travel |


15 Responses to “WordPress, Matt Mullenweg and Spam”

  1. Gonzague on May 11, 2007 3:13 pm (15:13)

    I use Akismet & Bad Behaviour … It’s true that they work very well together with akismet filtering what BB let goes

  2. Diederik on May 11, 2007 3:14 pm (15:14)

    Great post!

  3. Joe on May 11, 2007 3:53 pm (15:53)

    Hi Boris,

    Good to learn about the other tools beside Akismet (did you ask where the name came from?). I didn’t know about Bad Behaviour, and installed a “comment auto closing” plugin to get rid of literally hundreds of spam messages sent daily to some very old blog posts.

    BTW, I enjoyed your reports about the Valley, reminds me of long ago (before the bubble burst), how energizing this environment can be!

  4. Rudy on May 11, 2007 4:53 pm (16:53)

    The only Spam I like comes from a can.

  5. Peter Cooper on May 11, 2007 6:35 pm (18:35)

    What is the motivation for sending it? You mention there was no URL in the post, etc, and it just says “Great post!” or something.. but if there’s no link or benefit to the spammer, why would they automate lots of posts like this?

  6. Gonzague on May 11, 2007 7:29 pm (19:29)

    Peter : that’s easy : everyone marks the email addresses as “non-spam” and one day the guy gonna come back , use this white-listed ( or almost ) email to massively spam blogs but this time he’ll use urls in the posts

    Akismet wont even react :)

  7. Peter Cooper on May 11, 2007 7:35 pm (19:35)

    Ohhh.. I should have engaged my brain first ;-) I see now, thanks! That’s a pretty cunning plan.

  8. Gonzague on May 11, 2007 7:38 pm (19:38)

    Nice post Peter

    ( :D )

  9. Boris Veldhuijzen van Zanten on May 12, 2007 11:10 pm (23:10)

    @Peter: Matt explained that only one in a hundred messages would actually contain a URL. By sending millions of spam comments that would be enough to get some traffic. But Conzague has a point too.

  10. Gonzague on May 13, 2007 12:03 am (0:03)

    My name is more likely to be something like ….Gonzague ;)

    But yeah the technique consists in creating a good reputation for the email so it can then be used to spam a bit

  11. Boris on May 13, 2007 1:50 am (1:50)

    Sorry about that Gonzague! I hate it when they spell my name wrong too…

  12. Gonzague on May 13, 2007 1:52 am (1:52)

    Your is more complicated than mine so i’ll keep calling you Boris ;)

    Oh…In a few minutes i’ll post a few pics about our Barcamp in Paris (co-organized by Yahoo & Ziki ) if you wanna see. I’ll add them to my flickr soon btw

  13. anouar on May 17, 2007 6:20 pm (18:20)

    Hey, you have a great blog here! I’m definitely going to bookmark you!

    I have a http://www.evodown.com/vb

    Come and check it out if you get time

  14. Mercado Trabalho Consultoria Assessoria on August 6, 2007 5:44 am (5:44)

    Weel done, great blog and great posts!!!

  15. Healing the Body on June 19, 2008 2:01 pm (14:01)

    That is absolutely hilarious. It is like the thief saying Good Dog to the Security Fido and giving him a doggie cookie, so that whenever the thief shows up, the Dog will lick his hand and give him a free pass.

Trackback URI | Comments RSS

Leave a Reply

Name

Email

Website

Speak your mind

retaggr