In an attempt to stop the insane multitude of comment and tackback spam flying my direction, I have implemented the grand-daddy of all anti-spam plugins, Spam Karma. Spam Karma checks comments/trackbacks for the following: if the poster is logged in the current blog and what his user level is (e.g. automatically approve Admin posts), presence of “bad” HTML entities. presence of a HTTP_VIA header, proper use of the posting form (hash value must be present), time taken to fill the comment (e.g.: if itâ€™s less than a few seconds, most likely spam), first time posters posting many comments at once vs. old-timers (with comments previously approved by the admin), IP and regex match for URLs contained inside the comment (small weight only for non-URL text matching a URL regex), realtime Blacklist (RBL) Server check for IP and URLs, commentâ€™s age (e.g. penalize comments on very old post). After Spam Karma finishes with its gauntlet of checks, it assigns the comment/trackback a score. This score determines how the comment/trackback is handled. The comment/trackback is either automatically approved, held for admin moderation, or automatically deleted. So far, Spam Karma is doing a good job. If you experience any problems, please contact me. My email link is located in the sidebar to your right.
If you are looking for other anti-spam solutions for WordPress, look here.
Update: I’ve gone back to using WP Hashcash.