Thursday, November 26, 2009

Mollom: A solution to comment spam

Passwords, user accounts, email verification. I have never liked requiring my website's visitors to register before they can leave a comment.

There is a large segment of people that like to submit quality comments online, but they don't want to be required to leave their personal information there.

So from the beginning, I have always allowed anonymous commenting by unregistered visitors and for the most party, they quality of the comments haven't suffered.

However, allowing for anonymous comments also invited my site into a war against comment spam. My latest weapon to do the fighting for me in this war is Mollom.

Mollom LogoI was first introduced to Mollom in the Fall of 2007 as a beta tester. Prior to Mollom, I had been using a number of techniques, modules, and services with limited success in blocking unwanted spam.

While some of these filtering methods did help me filter out unwanted content, I was still spending quite a bit of my time moderating the comments for potential spam.

Worse, in long absences from the site I had to disable anonymous commenting for fear that I would come back to a site riddled with ads for the latest popular pharmaceutical drugs or some girl that wanted to be seen for a price.

That's when Mollom entered the picture and helped stop most of the spam from entering my site.

In the two years since I've used Mollom, the service probably has blocked more than 100,000 pieces of spam from being posted at my site.

Since, the current statistics provided by Mollom only date back to early 2008, the official number of spam blocked stands at around 77,000.

In other words, I receive an average of 120 comments a day that require no moderation on my part.

Mollom Statistics for CMS Report: Trend of spam/ham from Mollom for CMS Report, February 13, 2008 to November 20, 2009.

Mollom Statistics for CMS 
Report: Trend of spam/ham from Mollom for CMS Report, February 13, 2008 to November 20, 2009

This isn't to say that Mollom is perfect.

Once in awhile, I will see a half dozen spam comments suddenly appear at my site. In part, this is likely because the spam filtering service hasn't learned that this particular style of spam comment is unwanted content.

I also think it is because of my choice to not pay one dime for this valuable service.

I'm using the free version of Mollom which does not make available access to the high-availability back-end infrastructure that Mollom's paying customers on Mollom Plus are able to access.

However, from what I have observed, even the downtime for Mollom Free is rare.

Luckily, your CMS module or plugin can provide a fallback site access to the Mollom servers is unavailable.

This fallback strategy gives you one additional safeguard in making sure your site doesn't go unprotected when Mollom is down.

Mollom Fallback Strategy

For my Drupal site I usually leave the forms unprotected if Mollom's servers fail for fear blocking a quality comment from the site.

However, when I'm going on that week-long family vacation I will toggle the Fallback strategy to block submissions when there are issues with Mollom servers.

If you're not using Drupal, you'll have to check your CMS's own module for Mollom to see what fallback strategies have been made available to you.

CMS modules using Mollom are available for Wordpress, Joomla!, Radiant, SilverStripe, StatusNet, and of course Drupal.

Spam filtering services such as Mollom are well aware that there are smart people out there trying to find new ways around the spam filters.

In a recent online interview with Dries Buytaert, we instant messaged back and forth on what is being planned for Mollom.

That interview started out with a simple question by Dries, "Will it be favorable or not?".

Dries would have given the interview no matter my opinions on Mollom, but I think he wanted to know how much I understood the environment that the spam filtering industry must work in.

The service's nature is such that it isn't perfect. Being in the spam protection business is hard because there is no such thing as a perfect service. So different people have different expectations.

I'm no stranger to the amount of work required by IT folks to make the difficult happen in ways that convinces the user such tasks are easy to deliver.

So the interview with Dries quickly turned away from concerns of any failings Mollom may currently have toward what we can look forward to in Mollom's future.

According to Dries, there are some welcome improvements for Mollom coming down the road. For example, Mollom is planning to introduce an interface for URL reputations.

Currently, Mollom will use CAPTCHA when it doubts the legitimacy of a comment. CAPTCHA is great for preventing automated spam being served to your site, but it doesn't do so great with human beings submitting spam.

Mollom also doesn't ask for a CAPTCHA when it believes the comment to be legitimate. Some spambots that embed good content with bad links can trick spam filters in thinking the content is good.

That's why some of Mollom's users have asked to be able to identify and block legitimate looking comments with the known spam links (called a URL Limiter based on URL reputations).

Mollom is hoping address this request soon.

Below I've compiled a list of of features for Mollom that Dries says are currently in alpha or beta testing.

Although many of these features have not yet been implemented, it is a good bet that we'll likely see them within the next several months.

Possible new features to be in included in Mollom
  1. Improved Classifier on the back-end. The improved classifier is expected to help Mollom better determine whether those comments and articles are spam, no spam, off-topic, etc.
  2. New Site Design for Mollom is revamping the website with a new design. The design is ready but still needs to be implemented.
  3. A new language detection api to identify what language a post is written in.
  4. Mollom will have APIs to expose URL reputations allowing we'll tell you whether it might be a spam url or not
  5. Support for SSL websites.
So for now, I'm sticking with Mollom. I know a few of you leaving comments will complain about Mollom, but I honestly don't know of a better alternative.

If you are a business or busy site owner that can't afford to allow comments to go unchecked I think Mollom is your answer and would encourage you to look into the Mollom Plus or Mollom Premium packages.

I've been on the hunt for a good spam filter for so long that I know a good thing when I see it. Mollom was the right solution for me and likely the solution to your spam problems as well.

Although I've made up my mind, I'm sure people would appreciate to hear the experiences of others using Mollom.

I'd especially like to hear from those that have subscribed to one of the pay packages their impression of Mollom.

Now that this post has been finished, I suppose we'll also have to see how hard the spammers work into getting a comment submitted to this post.

In the past, I've noticed they have put extra effort in placing spam on posts such as this one.

No comments:

Post a Comment