Currently, we've got a couple of different ways to control comment
spam in Roller.
* Three levels of blacklist: comments that match blacklist are
marked as spam
o Built in blacklist: based on old unsupported MT blacklist
o Site wide blacklist: global admin manages this blacklist
o Website blacklist: each weblog can define a blacklist
* Comment moderation: when enabled, comments must be approved by blog owner
* CommentAuthentcator: determines if user is allowed to comment
o You can plugin your own by implementing the comment
authenticator interface
o Default authenticator does nothing
o Math Authenticator presents math question, verifies answer
o CAPTCHA authenticator is possible too, but we don't ship one
* Comment throttle: IP addresses that send rapid-fire comments are banned
There are problems with each of those methods and even when combined
they're not enough to control spam. We've discussed other ideas for
comment spam control like forcing long comments into moderation,
rejecting comments with too many links and rejecting comments judged
by Akismet to be spam. Those are all good ideas, but if we start
adding special rules ad hoc, we'll end up with a mess.
What we need is way for Roller site administrators to define a chain
of comment validators so that we and others can add comment spam
processing rules, which are then treated in a uniform way in the
Roller comment servlet.
Read the rest here:
http://rollerweblogger.org/wiki/Wiki.jsp?page=Proposal_CommentValidators
Pease respond with comments here on the list.
- Dave
