A month ago I remembered about an old blog we have had and checked it out... After months of negligence it had 9999 spam comments It was outdated and had no spam protection at all... It was quite unpopular (no PR at all) but it has still been of interest to spammers...

Still spam is more than most people think - it is not only about bots and there is much more than just posts about popular medical products. My experience with Spam fighting comes from a popular hosting forum with Google PR 8 and a few popular blogs (WordPress).

So when I really want to protect a site from spammers I follow a scenario of 3 steps:

1. Implement Project HoneyPot. This is the first trap for spammers - both bots and humans. Time has shown that there are many humans posting spam comments and posts. Project HoneyPot detects them all through a large distributed network of honeypots and adds them to a blocklist.

The project offers integration about almost any application. It has even a beta version of an Apache module so its implementation should not be hard.

2. The next thing to do is to enable reCaptcha. This way we address all threats from bots because most spam does come from bots. These bots often reside on zombie computers and might not have been spotted by Project Honeypot yet.

Of course reCaptcha is not perfect and some advanced bots can pass it. Its biggest drawback is that human spammers bypass it easily.

3. The last step is to set Akismet. This is the final trap, the boss of the Spam defense. It filters posts by hundreds of tests about known spam patterns. It is much advanced than the previous methods and ensures very high level of defense.

If you implement the above solution with all of its parts you can feel pretty safe about your site or blog. It's biggest benefit is that it saves you a lot of work and does not require you to update manually anything.

Still, it is a 99.99% protection. A popular site is targeted by more than 1000 spam attempts a day which means that more than 1 spam post / comment will go through.

That's why it is a good idea to monitor and even pre-approve each post / comment.