I’m being slowly overcome by spammers once again. The defenses erected in 2007 held well, but against sweatshop spammers they’re useless. I’m now routinely receiving ~10 spam comments every day.

Here’s a sample Rentacoder bid request:

looking for a person familiar with leaving comments on blog postings.

I will supply all urls to leave the comments

commenter needs to leave simple comment , email, name and website. Comment cannot be spam needs too relate to topic but not extensive.

please quote per 50 comment blocks

Here’s another one:

I need someone to post comments on do follow blogs.

I need 25 comments in different blog sites.

All must be related to my site. My site is under home and garden category. So it’s easy to find a blog related to this.

Comments must be in good English and 15 words long, good English and don’t make a spam comment,keyword and link should be use in the comment body or name field.

When you’re done just provide me the 25 links where comments are posted.

I need this done in 2 days..easy job! easy money!

Rentacoder and the other outsourcing sites are packed full with such offers. People from developing countries take them up and get paid pennies for each comment, but it’s very effective! The comments are sometimes so “real” they’re hard to differentiate from true comments – only by looking at the link you can tell. The most devilish tactic is just copy-pasting a sentence or two from the post or another comment, so it even appears the commenter knows what he’s talking about.

Reading the logs of the blog, I found that many visitors come from this list – The Ultimate Do Follow Blog List with High Pagerank. Apparently, my blog has a high enough pagerank and doesn’t use the nofollow tag on comments. Wait, isn’t Wordpress supposed to do this by default?

A short investigation brought up that:

1. Wordpress indeed (since version 1.5) adds ‘nofollow’ automatically on all links in comments and the comment author’s URL
2. In my blog, ‘nofollow’ appears in links inside comments, but for some reason not in the authors’ URLs!

Digging in even deeper, the culprit turned out to be my Gravatar plugin, which re-writes the comment author’s line to insert its image. I forgot to check the ‘use nofollow’ option of the plugin, so indeed my blog became a sweet-spot for spammers!

So it’s fixed now. SPAMMERS – NO MORE PAGERANK FOR YOU!

I surely hope this will reduce the amount of spam on the blog.

Related posts:

1. Spam madness
2. Fighting blog and forum spam – a temporary victory
3. spam-filters on output
4. spam
5. Improving anti spam security of my ESMS forum

This entry was posted on Saturday, September 26th, 2009 at 07:52 and is filed under Blogging. You can follow any responses to this entry through the RSS 2.0 feed. You can skip to the end and leave a response. Pinging is currently not allowed.