At a basic level, comment spam sometimes involves spammers manually typing spam into a blog comment form. This submission of spam is entered the same way as any regular reader. Although this allows a spammer to assume the same identity of regular commenters, this is a painfully slow process. The return on the investment of time dictates that spammers rarely use this method to post spam comments.

The more serious issue is automating the process of posting spam comments. This process is driven by custom scripts or software written to quickly produce a high volume of spam comments. This type of software becomes a spam producing machine.  It can submit thousands of spam comments in a very short period of time. This spam machine can hit multiple pages within many blogs.

These automated scripts don’t typically submit comments by going through the comment entry forms on your weblog. They are programmed to tap directly into a blog’s comment submission script.

Minimizing Comment Spam

• Turn on comment moderation – This allows you to review all comments prior to them being publishing. Novice bloggers usually won’t know to turn on this feature of their blog.  This at least allows full control over what your public readers will view.
• Obfuscate Comment Form – This does require an understanding of JavaScript and basic HTML coding. You may not completely be able to hide the name of your blog comment script or field value names within your comment forms, you can certainly attempt to obfuscate them. The way to achieve this is by using JavaScript to generate a comment form, or certain parts of it.  Spammers often use automated scripts that download the source code from blog pages. Then the spammers search the pages for the names of your comment script and form field names. If these values are obfuscated using JavaScript, the spammers’ spidering software needs to be able to parse and execute JavaScript to determine the correct values.  Obfuscating the form stymies the spam spiders.
• Implement a Turing Test – Named after the early computer scientist pioneer, Alan Turing,  a Turing test poses a challenge that humans can resolve, but computers cannot.  Adding a Turing test to comment forms allows legitimate human commenters to pass through unhindered. Forms attacked by automated spamming software will receive no spam comments. The most commonly implemented Turing test is the CAPTCHA (Completely Automated Public Turing test to tell Computers and Humans Apart).  CAPTCHA frequently come in the form of blurry images. Within the images are contained merged letters and numbers. Humans can read this CAPTCHA text field and enter the correct combination.  Automated optical character recognition software has trouble getting through.