There's been some brouhaha over comment spam especially related to Movable Type, which is the publishing platform Blog@Case is based upon. The first person to really bring it to light was PhotoDude in MT Plus Comment Spam Equals Dead Site. From there, it went crazy getting a Netcraft post, a Slashdot post, and comments from Six Apart, the makers of MT. And, of course, someone around here made the connection.
A lot of people have been harping on Movable Type, but what seems to go unnoticed is, the flavor of blogging system that is used is orthogonal to combating comment spam. Comment spam affects all blog users and all blog systems. Switching blog software because you are afraid of blog spam would be like switching email servers because you are afraid of email spam. Basically, it means you do not understand the problem.
So, what does Blog@Case do to combat comment/trackback spam?
First, the comment script has been renamed. This prevents the more stupid bots from being able to just stumble across a blog, assume the location of the "post comment" CGI is
mt-comments.cgi, and execute an arbitrary
POST of their icky payload.
The second counter-measure is Jay Allen's excellent MT-Blacklist plugin. MT-Blacklist has a lot of features including content based comment/trackback spam blocking, blacklist URLs, blacklist regexes, forced moderation of comments on older entries, automatic blacklist updates from the master blacklist, etc. And, my favorite is that the plugin learns from the entire system, so if user A gets spammed, users B, C, D, E... will not.
Yoda says: Ugly hacks that reduce accessibility and create cross-browser compliance problems, an effective way to combat spam is not.