Comment spam outpacing e-mail spam

This week my comment spam has outpaced my e-mail spam. The comment spammers use varied IP addresses, so an IP block does no good. MT-Blacklist is not working for me at the moment but hopefully I will have it installed when the final bits ship with Movable Type 3.1 next week. MT-Blacklist blocks comments based on keywords and link usage, not just IP block. How bad is the problem? Only 7.7% of the comments submitted to my site are legitimate comments. I could restrict to only TypeKey comments, but even a Six Apart employee does not use TypeKey when leaving a comment on my weblog. I do not want anyone to have to jump through too many hoops to participate in a conversation. My solution is to wait on the new MT-Blacklist. I approve all comments before they appear live on my weblog, so it is just a pain to remove the comments and delete the notification e-mails I receive for junk e-mail. I am sure Jay will make good money from licensing MT-Blacklist. The comment blocking feature is too important for Six Apart to leave to an outside developer. Ultimately Six Apart needs to acquire Jay or roll their own solution. Six Apart’s immediate response will be “use TypeKey,” which could work well for a restricted audience, but not a broader audience. The ability to comment on a published item is an essential element for a weblog platform. Many publishers are now shutting down their comments because they just cannot handle the signal to noise ratio. User experience is key, and comment spam takes as much away from the user experience as an e-mail box full of spam. [Update: I went through my log files to look for the path taken by the spammer. The worst spammer was a POST direct to mt-comments.cgi from agent “MSIE 6.0; Windows NT 4.0; PCUser,” or Internet Explorer 6 on a NT box. Each comment spam follows a pattern yet has a unique identifier. E-mail address is “bob@y” + identifier + “” and the identifier begins the comment text. The linked site contains no links and the spammer must only be interested in PageRank for a future launched site. The best course of action is to change the name of mt-comments.cgi to something different and update mt.cfg. This change will make upgrading a little more difficult, but it is worth the pain to keep the bulk of comment spam away (for now).]