I was asked recently what I do and might recommend others do about spam posts.
This website will ask anyone commenting anywhere for their eMail address. If the post looks reasonable, I will send a test eMail to that eMail address. If that eMail bounces, the post is rejected. Simple as that.
The webmaster (me) will look at a post. If it contains scrambled words (in fashion recently), or atrocious grammar, or just gobbledygook, the post is rejected. Also simple.
I keep a spreadsheet of bad posters and their IP addresses. (My provider, HostPapa, has a tool called the IP Deny Manager. It manages the .htaccess file for me, under the covers. This is a good idea, because if you deny yourself, you can’t get back in to fix it. Apparently this has happened to some website owners.)
I keep track of every spam post attempt. I have the date, IP address, and content characterization. Since I started keeping track, there have been over a thousand crummy spam posts to various parts of my site. It is a frustrating time-waster. Such the price of setting a basic level of quality.
Having my own sortable and searchable record gives me some insight: If you spam me twice, you get denied forever. If your spam post IP address is in a spamming range, I may deny that range forever. I do this particularly when Arin Whois tells me the IP address range is somewhere really strange – I don’t really expect to be sold Nike shoes or cheap sports jerseys by someone in China with odd English. This is just an example. EMails pretending to be in Germany have been in style lately – ending in .de for example.
There are WordPress add-in tools to help with spam, but I’m not sure they’re going to reduce my work. My site is set up so that nothing goes up unapproved. If you are allowing posts up without approving them, there is a plugin (Akismet I think) that will attempt to make the spam – not spam decision for you.
However, you must/should then check every post to make sure the correct decision was made. And fix the wrong guesses. I don’t see that as being less work than my method. Meanwhile the plugin is telling the world about your posts. It uses your decisions to make other decisions, in the cloud. My understanding, anyway,
(as an aside: my Internet browser does Not come up with any web page by default. I see no reason why Microsoft or CheckPoint or McAfee should be notified every time I go online with FireFox. My browser comes up with a local file, which I created on WinXP with FrontPage. The file has a few hotlinks, such as to WordPress administration, that are convenient for me. My wife’s computer’s browser comes up with a blank page. To quote my writer friend Steve Donnelly, in Crash Cathcart, “You agreed to inform on yourself when you took out a driver’s license.” To which I add, or logon to a web page, or turn on a cell phone, and the list goes on. Yes, I am paranoid about surveillance, and so is Steven Aftergood – which see earlier in this blog, eh?)
So, if you are the bizarre poster who asked about spam help, check your WordPress admin panel. There is a default plugin already installed and its name is Akismet or something close to that. You will likely need to update it and then activate it.
Oh yes, and next time, provide a real eMail address. WordPress keeps that between you and me, and I will check that it can receive a test message. OK?