On 1/16/07, Simon Waters <simonw@zynet.net> wrote:
This is the same issue as the email spam issue. Identify by source, or content. Just as content filters are error prone with email spam, they will be error prone with other types of content.
Agreed, but the average end-user has not been subjected to the long, arduous, usually fruitless task of requesting their IP be removed from a DNSBL. So what's the alternative? Popping up a page to allow them to be removed from the list? While this may work, getting an IP removed generally takes days, if not weeks. By that time, any comment they wanted to post would be irrelevant. You could mark that particular comment as moderated and check it by hand, but then the spammers will adapt and "go through the motions" with every comment, making moderation difficult if not impossible.
I think either approach is viable, as long as the poster has an immediate method of redress. ("My IP is clean" works, and scales, "this URL is safe" works but doesn't scale, "this post" is safe is viable). In each case you need to make sure the redress is protected from abuse, so some sort of CAPTCHA is inevitable.
Hrm.. captchas have their own set of problems. Accessibility, confusion, etc. Not that they don't work, but if you make the captcha readable enough for humans, then it's inevitable that an OCR program will be able to identify it as well. There has been some progress with alternative captchas that require some thought on the user end, but in the end it becomes frustrating. -- Jason 'XenoPhage' Frisvold XenoPhage0@gmail.com http://blog.godshell.com