responding to comment spam



  • My website has several forms which are periodically spammed.

    When a submission gets flagged as spam, and is internally rerouted to where spam should go, what is the appropriate response:

    1. show an error or
    2. show the regular message indicating that the message has been sent like normal

    The problem with the first option is that in theory the spammer now knows that his email is being flagged, and he might change tactics such that the heuristics don't catch it

    The problem with the second option is that if it is in fact a legitimate user they won't know that there is a problem



  • It depends on the rate of false positives versus true positives. If most of the time the spam detection blocks legitimate users, the second option would hurt them. But I believe that on most systems, the amount of spam comments are larger than false negatives.

    I would keep records on how the spam filter classified posts, and compare the false positives with the true positives, and see if the ratio is acceptable. If it is acceptable, don't let spammers know they are blocked so they will not change their methods and will keep being blocked without knowing.


Log in to reply
 

Suggested Topics

  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2
  • 2