We looked at the various anti-spam measures afforded to WordPress users yesterday, so it seems right that we should look at how Movable Type (MT) users can tackle the comment spam problem today.

But before we go on, I’ll stick my neck out and state something I’ve always wanted to say: MT’s anti-spam solutions aren’t, or rather, weren’t at the level of those available to WordPress users until recently (when SpamLookup got its upgrade and Akismet was ported to MT). Full stop. You might point to MT’s TypeKey service, but I point this out in return: Why should any of our readers be subjected to the hassle of authentication when WordPress plugins can effectively tackle spam without it?. Yes, I’m saying this after reading Six Apart’s documentation on the issue as spam still “drips” into my MT blogs on a regular basis even though I’ve applied all measures bar TypeKey (and other authentication services).

Anyway, enough of my rant. Let’s get back to business. Here are the various anti-spam solutions you can adopt for your Movable Type blog. If, however, you hate reading lists and want a concise anti-spam solution, jump straight to the bottom of this post.

One-Stop Plugins:
These plugins can normally be used alone to suppress most of the spam targeting your blog. However, you might want to combine a couple of them for maximum effectiveness. See the conclusion at the bottom of this most for further details on that.

1. SpamLookup (packaged with MT 3.2 and above)
   Once an independent plugin, it’s now packaged with every MT distribution of version 3.2 and above. Basically, it incorporates the functionality of several individual anti-spam plugins, e.g. MT-Blacklist and MT-DBSL, and adds quite a bit more. Currently, it tackles spam via lookups (IPs, domain names and trackbacks), link analysis and keyword filtering - such that its closest WordPress counterpart seems to be Spam Karma 2. For a guide on making the most of SpamLookup, check out this post over at Neil’s World. But IMHO, even with this guide, SpamLookup still lets in quite an irritating amount of spam on my MT blogs.
2. TypeKey (an alternative plugin) or OpenID
   TypeKey, its close relative (Tiny Orwell), and OpenID are authentication services that require your readers to register for a TypeKey account before being allowed to comment. Probably the most effective anti-spam solution available to Movable Type until recently. Thank god for that because when analysed in comparison to WordPress’ best anti-spam methods (e.g. SK2, Akismet, etc.), TypeKey can easily be found wanting. For one, TypeKey is a hassle to your users. Having to register just to comment sucks, and you’ll lose quite a number of commenters this way. Secondly, TypeKey is a hassle to you. In order to prevent spammers from registering for TypeKey and spamming your blog, you’re supposed to moderate the first comment any new commenter makes on your blog. This wastes time. Thirdly, registering for TypeKey entails your readers to solve a CAPTCHA. As I explained earlier, this poses accessibility problems. Thus, only use TypeKey if you’re really desperate, or have a very dedicated audience willing to look past the hassle.
3. Akismet for Movable Type (an alternative plugin)
   One of the best anti-spam services from WordPress has been ported to Movable Type. Besides having to install the plugin, ironically, you will also have to get a WordPress API key to use the service. Using Akismet alone is probably the best anti-spam solution available for MT users at the moment since there doesn’t seem to be any individual plugin that would work well in combination with Akismet (please correct me if I’m wrong). However, the current Akismet for MT plugin still isn’t as good as the one for WordPress due to conflicts with MT’s in-built spam filters and options (SpamLookup?).

Individual Plugins:
These are individual plugins that when used alone can tackle a reasonable amount of spam. However, most have critical weakness that make them unsuitable except when used in combination with more robust anti-spam solutions (like those in the One-Stop category). If you are still interested though, read on:

1. CAPTCHA (an alternative plugin)
   These plugins force your commenters to verify their “humanity” by identifying jumbled text displayed in an image. They are highly effective against spam bots, but can literally destroy your blog’s accessibility and usability as the vision-impaired or those using text-only browsers can never verify themselves. It is, therefore, not surprising that CAPTCHA is usually a last resort against comment spam. Also note that CAPTCHA cannot stop manual comment spam (i.e. determined spammers who answer your CAPTCHA just to push through a spam comment)
2. MT-Blacklist
   A content filtering plugin (somewhat similar to WordPress’ Spam Karma 2) whose functionality is now part of MT’s default anti-spam package, SpamLookup. MT-Blacklist and its replacement component were/are definitely useful, but they are inadequate to tackle increasingly intelligent and infinitely resourceful spammers when used alone - especially given the effort involved in maintaining your blacklist. But then, since it’s been packaged with SpamLookup, you won’t be using it alone anyway.
3. MT-DBSL
   MT-DBSL is, or rather, was a plugin that refers to a centralised directory to determine whether the IP of a commenter is listed as an open proxy. It’s functionality is now part of SpamLookup, MT’s default anti-spam package. Here’s how it works: Since most spammers use open proxies, moderating or banning comments from open proxies acts as a pretty strong spam deterrent. However, not all spammers use proxies, and likewise, not all users of open proxies are spammers. This fact alone makes MT-DBSL suitable to run only as a complement to a more robust anti-spam solution. FYI, for WordPress, a plugin like this is included within Spam Karma 2.
4. MT-Bayesian
   A plugin that uses statistical analysis to determine what is spam. However, it is surprisingly inaccurate in light of modern spam, which is often indistinguishable in terms of statistics from non-spam. Moreover, this plugin is supported only up to MT 3.1, and should thus be considered as outdated.
5. Real Comment Throttle
   What this plugin does is to limit the total number of comments coming into your blog within a certain time period. When spam causes this limit to be breached, the plugin will automatically stop all further comments from coming in. However, while this plugin is reasonably effective in tackling spam spikes, it will also prevent legitimate comments from coming in after the set limit has been breached. Support for MT 3.2 and above does not seem to be available though.

Conclusion:
Since SpamLookup is already installed by default, get only Akismet for MT (in fact, you might prefer to run only Akismet without SpamLookup since there are possible conflicts). This is all you’ll need most of the time. If, however, your spam problems still persist, then I’m afraid you will have to consider adding other plugins to the mix. In the most extreme of cases, you will have to install both TypeKey and Akismet for MT (or perhaps even a throttling mechanism). This, however, negatively affects your blog’s usability and accessibility, so it is not recommended.

Again, I’m sure this list isn’t exhaustive or completely correct, so any additions or corrections would be great. Thanks.

Update: I’ve rearranged some of the points and cleaned up several inaccuracies.

If you found this post useful, keep updated with future posts by subscribing to blogHelper (for free) through RSS or email.