That statement was meant as an ideal case, and meant to include all humans of every ability type and level (excluding those posting spam as piecework), and any nonhuman sentients who are also not spammers. I think CAPTCHAs are a tool that is far from ideal. I'm sorry I was not more clear about my feelings on this in the original entry.
The best way of telling spam from real comments is always going to be educating the journal owner about the many forms spam can take, and allowing the journal owner to report to the antispam team the comments that are spam. One of the more insidious forms of "test spam" is the irrelevant comment, which is often a comment that was probably written as part of legitimate discourse elsewhere, and then copied into a spammer's arsenal and blasted out to see where it would stick. It of course makes little to no sense when commented to the entry under attack, and the journal owner can generally tell, and tends to report or ask about it. An irrelevant comment could possibly fool spamwhackers who don't have the same knowledge about the normal flow of commenting on that particular journal, and a comment that makes no sense to the average spamwhacker might make perfect sense to the journal owner. (For example, if I were to yell "GET ON MY HORSE" at zarhooie in an entry that has nothing to do with horses, she and I would understand what we were talking about, but we wouldn't expect anyone else to understand.)
In the absence of the journal owner actively weeding spam comments from legitimate comments, a journal that allows all anonymous comments is a spam magnet. And currently Dreamwidth's methods of fighting this are inadequate, and I don't know exactly how inadequate because that spam is not being reported to me until the owners come back. Every now and then there's a lump of incoming reports that include comments made quite some time ago, often including spam sources that were already addressed quite some time ago, but usually including some that we've never seen before. This pattern seems to be what happens when someone comes back from a hiatus and cleans up spam that was left in their absence. Cleaning up a spammed-up journal is an onerous task that I would not wish on anyone.
There are some things that I considered (however briefly) and then discarded; there are other things that I'll be discussing further with staff.
Allowing a site administrator to delete anonymous comments off an inactive journal, even comments that are obvious spam, horrifies me in a visceral way that I'm not entirely sure how to describe. It would be a very direct way of dealing with already left spam, but it would break every expectation of privacy and autonomy, would be a crappy task to carry out and would not scale well, would run a very real risk of deleting legitimate comments (and deleting legitimate comments already in place is something I consider as worse than leaving spam in place or frustrating a non-site-member or logged-out site member trying to leave an anonymous comment), and I also don't know whether having an administrator doing that would expose Dreamwidth to additional legal risk from spam that was not spotted and removed.
Turning off anonymous comments entirely would certainly block anonymous spammers, but would also block any and all legitimate anonymous comments.
Automatically screening all future anonymous comments would screen anonymous spam, but would screen any and all legitimate anonymous comments. This fails what I have started to call "the Jumpy test", for journals that still may receive comments, but whose owners will never return.
LiveJournal has a dedicated system that scans every incoming comment against a number of criteria to determine if any given comment is bad enough to be actively blocked, or merely suspicious enough to be automatically screened. Implementing a similar system would need to first be discussed with staff before I would put it through suggestions.
Presenting CAPTCHAs to logged-in users commenting identified just because the journal they are commenting to has become inactive would not serve any useful purpose that I could think of, and would (at minimum) annoy the logged-in user. This proposal is only about anonymous comments.
no subject
The best way of telling spam from real comments is always going to be educating the journal owner about the many forms spam can take, and allowing the journal owner to report to the antispam team the comments that are spam. One of the more insidious forms of "test spam" is the irrelevant comment, which is often a comment that was probably written as part of legitimate discourse elsewhere, and then copied into a spammer's arsenal and blasted out to see where it would stick. It of course makes little to no sense when commented to the entry under attack, and the journal owner can generally tell, and tends to report or ask about it. An irrelevant comment could possibly fool spamwhackers who don't have the same knowledge about the normal flow of commenting on that particular journal, and a comment that makes no sense to the average spamwhacker might make perfect sense to the journal owner. (For example, if I were to yell "GET ON MY HORSE" at
In the absence of the journal owner actively weeding spam comments from legitimate comments, a journal that allows all anonymous comments is a spam magnet. And currently Dreamwidth's methods of fighting this are inadequate, and I don't know exactly how inadequate because that spam is not being reported to me until the owners come back. Every now and then there's a lump of incoming reports that include comments made quite some time ago, often including spam sources that were already addressed quite some time ago, but usually including some that we've never seen before. This pattern seems to be what happens when someone comes back from a hiatus and cleans up spam that was left in their absence. Cleaning up a spammed-up journal is an onerous task that I would not wish on anyone.
There are some things that I considered (however briefly) and then discarded; there are other things that I'll be discussing further with staff.
Allowing a site administrator to delete anonymous comments off an inactive journal, even comments that are obvious spam, horrifies me in a visceral way that I'm not entirely sure how to describe. It would be a very direct way of dealing with already left spam, but it would break every expectation of privacy and autonomy, would be a crappy task to carry out and would not scale well, would run a very real risk of deleting legitimate comments (and deleting legitimate comments already in place is something I consider as worse than leaving spam in place or frustrating a non-site-member or logged-out site member trying to leave an anonymous comment), and I also don't know whether having an administrator doing that would expose Dreamwidth to additional legal risk from spam that was not spotted and removed.
Turning off anonymous comments entirely would certainly block anonymous spammers, but would also block any and all legitimate anonymous comments.
Automatically screening all future anonymous comments would screen anonymous spam, but would screen any and all legitimate anonymous comments. This fails what I have started to call "the Jumpy test", for journals that still may receive comments, but whose owners will never return.
LiveJournal has a dedicated system that scans every incoming comment against a number of criteria to determine if any given comment is bad enough to be actively blocked, or merely suspicious enough to be automatically screened. Implementing a similar system would need to first be discussed with staff before I would put it through suggestions.
Presenting CAPTCHAs to logged-in users commenting identified just because the journal they are commenting to has become inactive would not serve any useful purpose that I could think of, and would (at minimum) annoy the logged-in user. This proposal is only about anonymous comments.