Spam, including blog comment spam, is inevitable in the online world. Some spam detection algorithms are better than others, but none of them are perfect. Any spam filter, including filters for blogs, has to find a balance between making sure spam is caught and making sure legit messages get through.
WordPress’s spam filter is called Akismet. My experience is that it tends to lean too far in the direction of making sure spam gets caught. Comments including GIFs or somewhat sketchy-ish links are most likely to get diverted to spam. However, it is what it is, and all we can do is make the best we can of the situation.
Where to find your spam
To find where your blog’s comment spam lives, go to your WordPress dashboard for My Sites, and under the Site section, click on Comments. There will be tabs for All, Pending, Approved, Spam, and Trash.
I’ve noticed that Akismet seems to go through spurts of mistakenly marking legit messages as spam. During those spurts, I’ll check my spam every day or two; otherwise, I check about once a week. In the last couple of weeks I’ve been getting one or two comments a day mistakenly sent to spam, so I’m checking more often.
Human spam vs spambots
Blog comment spam can come from two potential sources: humans navigating to your site and commenting, or bots that are sent on an automated journey out into the blogosphere.
The vast majority of the spam comments you’ll get on your blog will be from automated bots. Their goal is to spread their links far and wide with the hope that a few people might click on it and be taken to their site. They don’t care who you are or what your site is about; they’re just crawling along and dropping their link. Sometimes the comments left by these bots are clearly spam; other times, they’re written as though they’re a legit comment to try to fool spam filters.
Then you have spam left by a human. It’s not necessarily easy to tell the difference though. I recently got multiple, identical long spam comments about how ECT is torture. That was presumably a human wanting to spread his message far and wide.
I also consider it spam when individual bloggers will leave a comment along the lines of “Great post. Please read and follow my blog [URL].” Unless I think the person is legitimately a doofus and doesn’t realize that’s uncool, I will mark the comment as spam. I’m more willing to tolerate links if the person makes an actual comment on the content of my post beyond just the generic “great post”.
WordPress allows you to blacklist commenters so their comments go straight into your trash. This is useful because it can make it a lot easier to go through your spam folder to find legit comments.
Blacklisting is done under My Sites > Manage > Settings > Discussion. You’ll need to be careful because if, for example, you blacklist “press”, then anyone commenting from a wordpress.com address is going straight to trash.
Have a look at some of what’s ended up in your spam folder. Ignore the names associated with the comments; those change each time. Instead, look at the URL. The exact URL will vary, but you’ll probably notice a lot of common domains. I get a ton of comments from various extraproxies.com addresses. I’ve blacklisted extraproxies, so those are no longer clogging up my spam folder.
Differences based on WordPress plan?
Since I’ve upgraded to the WP business plan, I’ve stopped getting spam (although I’m having more legit comments go to spam). It’s still the same Akismet spam filter; it’s just the form for leaving comments that’s changed. I’m curious if people who’ve moved over from WordPress.com to self-hosted have noticed a change in the spam they’re getting.
I guess the last thing I would say is to try not to take spam personally. It’s an irritation, but it’s an irritation that’s directed at everyone, so chances are no one is picking you out for special treatment. And if they are, blacklist, blacklist, blacklist. And spam can even be good for a laugh sometimes.
Does anyone else have any spam management strategies that they use?