October 9th, 2006 by
Daniel ElstnerI’m fairly new to all this blogging stuff, and one of the first questions I had to resolve was what kind of anti-spam measure to deploy. I was almost set to just install CAPTCHA as it had been recommended to me and get on with it. However, while looking into the topic I have been informed that CAPTCHA is not only a good anti-spam solution but also a huge show-stopper for accessibility. It’s rather obvious actually.
As a contributor to the GNOME project, who is aware of the huge accessibility effort put into it since GNOME 2.0, I feel at least a bit awkward to completely shut off my blog’s comment area to a part of our user base. And no, I don’t think that it is unreasonable to assume that visually impaired people actually want to use my site. At least it’s no more unreasonable than to assume that someone is going to read my musings at all. 
In short, unceremoniously shutting the gate against disabled people to solve a problem that has nothing whatsoever to do with them is completely unacceptable to me. Heck, I’m not the social romantic kind of guy, and I know that a dedicated blog like mine would probably not be of much use to e.g. many of the mentally disabled. Or to my grandma, for that matter. But there’s no reason whatsoever why this site should be less useful to the visually impaired than to people with perfect eyesight. After all, blind people are uber-geeks who communicate in a secret code resembling an extraterrestical alphabet from planet Braille.
Thus, I decided to rely on Akismet as non-intrusive anti-spamming measure for now. First-time posts are always moderated so no spam should get through. As I don’t have much experience in this matter, it might turn out later that something more is required to cope with spam. I had a look at Hashcash which seemed a nice solution at the first glance. However it makes heavy use of JavaScript features, thus requiring a fairly solid and complete interpreter. From what I understand this rules out current screen reader tools and therefore defeats the purpose.
Maybe I better start piling up some sandbags right now.
Murray Cumming says:
October 10th, 2006 at 18:38
Works too.
Gabriel Pannwitz says:
October 10th, 2006 at 20:14
I have never had problems with spammers commenting my blog.
Then again, my blog has never had the massive readership that your blog is destined to have
I think spamming on comments only gets to be an issue if you are high profile.
Congrats on your new site!
Benni says:
October 11th, 2006 at 13:34
Akismet really kills off most spam comments. Sometimes I get 100/day so it’s a nice to have WordPress plugin. I’d say it misses one in each thousand spam comments so it doesn’t take much work to keep your blog free of spam.
Moritz Angermann says:
October 11th, 2006 at 13:48
Spam is a serious issue. Even for low profile pages. My site has only 10 to 15 views/day. Yet again I’m getting sometimes hammered with spam.
Yesterday a whole netblock from the Ukraine was pushing comments and trackbacks at a 30 second’s rate. Literally I got more spam then I was able to delete. Akismet did flag it as spam but I still had to delete it all myself. That is on Typo so I don’t know how WP handles spam.
The most effective method I found is to have a jabber notifier that tells you about events on your blog and in case of an emergency just disable sidewide comments and trackbacks temporarily.
Another finding is that usually _one_ article will get spamed and the rest will be left uneffected. Those articles are, at least to my experience those with date quite a bit back in time.
> First-time posts are always moderated so no spam should get through.
This might turn into a serious headache for spam unless it get’s deleted automatically.
regards,
Moritz Angermann
Murray Cumming says:
October 11th, 2006 at 19:46
> Akismet did flag it as spam but I still had to delete it all myself.
Yes, that’s out of the question for me. Spam shouldn’t require my time. The captcha stops spam (and disabled people, unfortunately) before it gets that far.
Elliott C. Back says:
November 23rd, 2006 at 03:01
You might want to, uh, check out a more recent version of Hashcash, just FYI. I think it’s at 3.2 right now
danielk says:
November 23rd, 2006 at 15:47
Yes, I think that’s also the version I actually installed. But that doesn’t remove the requirement of ECMAScript to be supported and enabled, does it? Personally I don’t have any qualms with JavaScript as such and have it enabled most of the time. However, making JavaScript a strict requirement for commenting on my blog is a measure I’d rather avoid.
Basically, my policy for this site is that I don’t care much how it looks in older browsers (say, anything released more than four years ago), as long as the content is still intelligible and the essential functionality is available. Posting comments should be possible without JavaScript, unless support for it some day becomes ubiquitous even among text browsers and on mobile devices. Although by that time spam bots will probably interpret it too.