Yes, fighting blog spam has been a huge distraction. I would rather be creating things than roach stomping. But I refuse to close off comments completely; it runs dead against what blogs should do to foster community building.
About 36 hours ago, I took the approach of renaming my mt-comments.cgi script. The new name was discovered by spam bots in less than 24 hours, so I doubt they are scarfing it from Google (regardless, for now, I am excluding all robots in the server robots.txt file, though I doubt the majority of bots even pay attention to that anymore).
The problem in my previous approach of funneling all comments to the individual entry form is that the HTML source clearly reveals the URL for the script to generate spam. I had done it completely backwards by removing links to the pop up comment form. So the goal is to remove the full URL from all pages for http://………/cgi-bin/mt-comments.cgi?entry_id=X which is the direct addresses the spammers need as well as removing the comment form from the bottom of the individual entry.
Also, long overdue, I updated the MT software to version 2.661, which introduces some code that prevents multiple script calls in short spans of time, or what is known as “throttling”. And Yes, D’Arcy, I have my MT-Blacklist up to like 1100 entries (likely slowing the comment posting way down), but I find it only catches a handful of regular attempts- the 3 waves I got this week were all not on the blacklist (but they are now).
The War goes On.
The post "Rolling Up the Sleeves On Spam War Front" was originally pulled from under moldy cheese at the back of the fridge at CogDogBlog (http://cogdogblog.com/2004/05/rolling-up/) on May 11, 2004.