Spammers are a crafty bunch. You have to be vigilant to keep them at bay.
I do use the Akismet spam filter, but I still have incoming comments held for moderation just in case.
Here are the four things I look for:
1. Is there a URL?
If there is a URL, I check to see if the site relates to the topic, or if it is trying to sell something. Usually you can tell by just looking a the web address itself.
Many times I just use CSS code display: none; or will comment out the code that makes the URL/Website input field. I find it unnecessary. They can always just paste a URL in the comment box.
2. Name and E-mail address
Does the name match the email address? For example, if the name is “John Smith” and the email is “firstname.lastname@example.org” then there is a good chance the comment is spam.
3. The Comment Text
Is the comment ambiguous? Could it be applied to anyone’s comment on about any blog?
4. Date of the comment vs Date of the post
If the post or the last approved comment is at least a month old, then there is a chance a spambot just visited the site. I have recently started closing comments after 14 days; this setting is under Settings >Discussion.
For example, a comment held for moderation showed up today for one of my client’s blogs:
Really nice blog you have there. Some of your posts really impressed me. I will definitely visit your blog again!
The comment seems like a nice thing to say, but it is very ambiguous. It could apply to my client’s blog, my blog, or a blog about housebreaking puppies. That’s one.
The name did not seem to match the email address. That’s two.
Is there a URL? No.
Was the comment left on an old post? No.
With 2 marks against it, should that be enough to mark it as spam? For this example, yes.
Here is my reasoning: I think the spammer is checking for 2 things…
Checking for open commenting.
This spammer is first knocking on door, not to see if anyone is home, but see if the door can be pushed open.
Checking for “Comment author must have a previously approved comment”.
This time the door did not open, but now the spammer will see if anyone will answer the door and let them in. If “Comment author must have a previously approved comment” is checked on, and their comment is approved, they can now comment again without hindrance (until they are caught).
Do you have a favorite spam blocking plug-in? Let me know in the comments.
But, uh, you only have 14 days to let me know.