Looking at my blog's log, I found that comment spam are posted directly to mt-comments.cgi, without first loading any other page. They should be googling something like "
inurl:mt-comments.cgi" to search for MovableType-powered blogs.
Considering this, defeating those bastards is dead simple: I just changed the names of the comment form's input fields et voilà! My weblog now kindly rejects spam comments posted directly as it finds no input. And this is totally transparent to normal users.
Update: I posted this because I had no blog spam since I set it up 2 weeks ago. And just today, I received a few of them, which actually parse the comment form. Grrr. Their user-agent starts with "libwww-perl", which isn't a real browser, so I added a simple test to reject comments issued by these agents. Et voilà again!
← A new website for Anyware Technologies
Cocoon GetTogether registration opened →