Matt Mullenweg announced Akismet yesterday. It’s a comment-spam defense system for WordPress, and I’ve been using it for a few weeks now. (This is why Gatekeeper disappeared from the site near the beginning of the month.) It isn’t perfect, but it’s darned close, and it’s been getting better as time has progressed. That’s one of the promised features: the longer it’s used and the more people who use it, the better it gets.
I don’t pretend to understand all the details of Akismet’s workings, although I have a fairly good idea of how it works. I have some concerns, mostly in that it seems like spammers could poison the well by injecting tons of false “not spam” data into the service in order to get their messages through. I also worry about attacks on the service itself.
Furthermore, I have to say it’s a bit frustrating that you have to have a wordpress.com API key, which means you have to have a wordpress.com account, which means it’s not a one-stop plug-and-play solution. (Especially since getting an account is, currently, an invitation-only sort of thing.) On the other hand, having to have an account probably confers some control advantages—if an account is found to be consistently marking things as “not spam” when everyone else is marking them spam, it can be kicked out of the service.
Some have raised privacy concerns because every comment submitted to your site gets analyzed by the Akismet service. This doesn’t bother me, but it might some.
Overall, I’ve been pretty happy with Akismet. It has let through less spam than Gatekeeper did in the weeks before I disabled it and all my other anti-spam measures to test out Akismet. You’d think a Gatekeeper setup wouldn’t let anything through, but you’d be wrong; I assume there was a hole in my PHP. Akismet may not be the end-all solution—after all, if it becomes effective enough, the spammers will have major incentives to defeat it, and will most likely find ways to do so—but it seems to be working very well for now.