I’m looking through the wordpress specific code, and I see a hook for the wp_insert_comment action. I was wondering, does Bad Behavior submit spammers to projecthoneypot.org? Namely if my other spam plugins detect that a comment is a spam comment, does bad behavior noticed the wp_insert_comment hook and submit the spammers IP to project honey pot. I don’t see anything in the code that appears to be doing that, but I didn’t read through all of it.
At the moment we do not submit to Project Honey Pot. They don’t accept submissions except through their own code, the last time I looked.
The code you are looking at logs spam in Bad Behavior’s log if any other plugin on the system marked it as spam. This helps us get a copy of any spam that Bad Behavior missed without having to enable verbose logging, which can slow down a busy server.
Thanks for the reply. I guess that also explains why it logs a key of 00000000. Because it’s logging that it DIDN’T block it but it was later identified as spam.
Have you thought about adding these “false negatives” as another test for future bad behavior tests? In other words, if headers, and agent and IP pass all the other tests, but the IP and/or user agent and/or other post attributes consistently gets caught by other spam plugins, then also include it in the black list?
If I wanted to make some mods to Bad Behavior to handle this, it looks like the workhorse function is bb2_screen() and you have nice design pattern going in there of a serial list of screening tests. Thoughts on adding a callback or plugin mechanism to extend Bad Behavior to integrate with other systems?
FWIW, I’ve been running BB on a test system that averages about 60 spam comments a day. Most of them get caught by our content filters ~80%, the other 20% end up in moderation. Since running BB, I’ve seen about 20% get cut out right away by BB2. I see now that when I test the IPs manually against various black lists (Projecthoneypot, Spamhaus, SpamCop, etc)… these IPs are not yet identified as “comment spam sources”. But on inspection, that’s clearly what they are.
Anyway… even though it isn’t a silver bullet for the spam I am seeing, it’s still a great tool. So thanks for your great work! I totally appreciate it!