More (or less) spam

Today I installed John Wiseman’s HMPassphrase plugin and changed the comment section to reflect the addition. You’ll now have to answer a simple question to get your comment published. It’s sort of like Captcha in that it tries to distinguish between human commenters and bots, but it’s simpler.

I’m not happy with the error message it gives if the comment is rejected:

In an effort to curb malicious comment posting by abusive users, I’ve enabled a feature that requires a weblog commenter to wait a short amount of time before being able to post again. Please try to post your comment again in a short while. Thanks for your patience.

Obviously, I don’t care what kind of error message a bot gets, but if a legitimate commenter makes a typo, I’d rather see a message that’s helpful, not misleading. I’ll email John Wiseman and see what he says. ( Update: Mr. Wiseman believes there’s no way to modify the message for different circumstances. And I haven’t found anything through Google, so it looks like the misleading error message will stay. Have I mentioned that I’m considering a move to WordPress? Not because of this problem, but WP seems to have more active development and more solutions to blogging problems. I worry about having PHP-generated pages, though.)

My comment spam comes in waves, which I guess is common. Since the last time I fiddled with the settings, Movable Type’s spam blocker has been doing a pretty good job of keeping out the junk, but when dozens of spams start piling up, it always seems to let a few in. Until now, I would look at which posts were attracting the waves of spam and disable comments for those posts. With luck I won’t have to do that anymore.