Today I just realised that WordPress does not actually delete the incoming comment/trackback, but instead obliviously inserts them into the database with “approved” field marked as “spam”. Yes – every single comment, that has been categorised as spam, is still stored inside my WordPress database, even though I have never received any notification, nor is there a way to revert them back to legitimate comments. And I am backing all of them up when I run the mysqldump in cron jobs everyday!! Aargh!
And looking at the comments stored, my signal-noise ratio is current at 1:7.2. That’s right, by the time you typed up a comment to reply to this meaningless blog entry, 7.2 comment spams are blocked by the WordPress comment blacklist, which by default looks at
- Whether comment/author/url/etc contains character reference (&#<number>;), which is an often-used tactic by the spammers.
- Whether any blacklist word matches.
- Whether the client is listed as an open proxy by opm.blitzed.org.
The combination works pretty good so far, as I rarely receive comment spams. FOCUSer.net has a SNR of 1:14.9, but it still suffered badly as I have to manually update its blacklist everyday to catch the latest spam words. I guess MT is just more heavily attacked.
You might want to try this plugin (if you haven’t already yet):
http://www.chrisjdavis.org/2005/03/03/mass-delete-15/
He was pretty much in the same boat with the whole “comments flagged as spam” bit. While you could manually delete them, this plugin lets you do it from within WordPress =)
Thanks. Even though it would just as easy for me to issue some SQL statements to delete those spam comments…
how are you guys?