« Save Me, Jebus! (A quote game extravaganza) | Main | Guess the Michael Jackson "Illness" »

in a can

The last 46 53 comments I got (all in the last half hour) have been spam, and they've all been on posts from the last three days.

It's depressing to realize that you have more spammers than commenters.

They are slowly killing my desire to keep at this.

[I'm not going anywhere. I'm just royally pissed off at "Bob" today]


Add CAPTCHA to your system. Like Goldstein or myself (granted I don't use MT so I have no idea how to help). A simple 3 letter code image will stuff most of the spam.

Since I've installed it, I've received 0 spam comments in 3 months.

Hey, I've commented in the last half hour! I resemble that remark! I'm not spam! I'm more like corned beef or deviled ham.

a quick rename of your comments file will help. my host told me how & it's so easy even i can do it. you just have to change two things. cuts way down on things. they can still spam a bit, but they have to do it manually, cuz they won't know the name of your comments file.

Does renaming your comments file affect your archives at all?

Speaking of which your troops at command post aren't doing a very good job deleting trackback spam, WHY IS THERe not a call by blogs for an updated MT Blacklist, the current issue, which I have yet to manage to upload obviously isn't working.

One more thing, The thought occured to me that if any one would be credible to try to bring legal action against these blog spammers it would be the owners of MT, do you think a petition to the owner of MT to ATTEMPT to take legal action would be a worthy cause?

I usually get them in bunches of 100 or 200, and usually on the weekend. None make it through, but I have to clear them out of the moderation queue, and delete all those e-mails, so it's kind of a pain.

Personally, I think we should hunt them all down. That fat spammer paycheck doesn't look nearly as enticing when you've got two broken kneecaps.

Sorry that they're getting you down. I hope that you've recovered from the birthday party and that you all had a great Valentine's Day.

"It's depressing to realize that you have more spammers than commenters."

Actually, one spammer can do the job of 100 commenters- and there are tons of us lurkers out there that are enjoying this too. Please don't get down.


Renaming your comments file is only a temporary solution ... they'll find it again soon enough. I made a couple of minor changes on my site and haven't had a single comment spam since then. And that's without MT-Blacklist, or any other comment-moderation technique. Spam just doesn't get through anymore. If you're interested in doing the same here, e-mail me, and I'd be happy to share what I've done.

I hear spam is a delicacy in Hawaii and Korea.

Please don't stop. I love your blog. Keep up the good work

I have Wordpress set up to throw any comment with more than one URL in it into my approval queue for deletion. I haven't used MT in a while, is there nothing similar there?

If it weren't for comment spam, how would anyone know where to go play Texas Hold'em?

michele, it just makes it harder for them to find the file and automate their spamming. i did it & i only get one or two once in a while.

but i also ran a script to close comments older than 30 days or so.

it affects all of your comments, because it changes the name of the cgi file that runs comments. i'll go dig up the entry i wrote on it and send it to you. as i said, my host sent the instructions because they were tired of the problems all of the MT blogs were causing their servers. 2 changes were all i had to make. rename the comments file and update the mt config file to show the new name.

I already have it so you can't comment on posts older than 20 days - but I don't want to totally screw with my comments by renaming them because I do a lot of searching within my site.

upgrade to MT 3.x, which has comment moderation. Install Blacklist 2.x, which is much better than 1.x. Some of them still get through but they get held in moderation and easily eradicated. Trackback is worse.. but easily solved with MTB 2.x.

As for renaming the comments CGI, if you do it, rename it to something obscure and unique. Any of the published techniques are already noted and incorporated into the automated spammer programs.

Skillzy uses WP, but I found the situation to be 10x worse when I had my testblog with WP. It spit everything questionable into the moderation queue and blocked almost nothing... made it that much more of a pain in the ass to deal with them when you got spanked by a 200+ spams in an hour. Plus there was an exploit the spammers were using that put spam comments on posts YOU HADN'T even written or posted yet, based on the CGI's assignment of numerical Post ID's. I ended up using a plugin called SpamKarma, which is essentially MTB for WP.

I find that the new version of MT handles everything a lot better than it used to and a lot better than I found WP did.

PLEASE don't use CAPTCHA... it's extremely irritating to have to validate every comment. The point is to be vigilant in fighting spam, but not inconvenience your readers/commenters.

please don't stop! you're on my "must read" list!!!!!!!!!!!!!!!!!

"PLEASE don't use CAPTCHA... it's extremely irritating to have to validate every comment. The point is to be vigilant in fighting spam, but not inconvenience your readers/commenters."

Oh please. If 4 or 5 extra keystrokes, which would take a whopping 1 to 2 seconds to complete for anyone who can type, are "extremely irritating" to you, you're either exeptionally lazy or far too uptight in general, or both. Captcha, while not foolproof, is a great spam deterrent, and the inconvenience is minimal. I recommend it.

Don't mean to sound like a jerk, but jeez, if a few keystrokes on my part will save one of my favorite bloggers a lot of time and frustration by reducing or eliminating spam, I'm not going to sit here and whine about it.

i did rename my comment file to something obscure and it has cut down on spam tremendously.

michele, it won't stop you from searching. it still works the same. it just keeps them from knowing the default name (mt-comments.cgi), which is what they use to program their bots.

you're welcome to look at my comments pop-up & see how it works - it's the same as yours, pretty much.

what do you use to search - the search feature built into MT, or mySQL on your server?

Okay, okay. I never comment. Love your blog--please keep at it. Just wanted to be another "non spam" bit.
:-) Thanks.

normally my comments are more pithy than this.


Renaming the comment file only helps with "dumb" bots. Most bots I've seen are smart bots that scrape the form from the page and will instantly know if you "move" your comment file.

MT-Blacklist or a CAPTCHA are the best solutions for Movable Type. For WordPress, you have the excellent Spam Karma, which has a very high (99% or above) success rate at determining if a comment is a spam or a legitimate comment.

Sorry, just got back from working my way through the refinance blizzard. Closed yesterday. Now if my stomach would just calm down.

Imperial Keeper

Add the following to your blacklist:


Makes a big difference. Also add "online poker". Nothing says you have to limit yourself to banning URLs.

In fact, I see my comment went through, so you need the advice.

Hello. I realy like your site. is best of best