As an agency that allows comments on my site, I want an anti-spam solution to prevent spam comments

[aleayr]

Some builds allow the public to comment on their site. Currently they can get a lot of spam which is preventing to move to their preferred model of post moderation for comments.

Is there a solution, that is accessible, to prevent or at least reduce spam comments?

[fiasco]

Before looking at a solution, it would be good to perhaps get a sense of the purpose of the commenting too. Commenting is about transparency of other peoples opinions. In a post moderation workflow, is that a good capability for government to host/provide? These days, people are use to forums like facebook, youtube, twitter and disqus as social communities to share their thoughts and opinions on. They also have larger audiences to tap into to get exposure of the subject matter.

We should ask, what is the value of reinventing the wheel here vs using a known and adopted social platform for commenting instead?

Disqus is a 3rd party service that could be dropped into any site theme to provide commenting capability without any additions to govCMS. It can use accounts from Google, Facebook or Twitter to authenticate the commenter. Using Disqus however, would divert data storage of those comments to disqus and those comments might get stored in US data centres (or anywhere really). While thats probably not something that we want govCMS to provide, it can be an option for govCMS users to take.

There are more options:

• Mollon and Honeypot modules are ways for detecting spam and preventing them from posting in the first place.
• There are moderation frameworks in Drupal but comparative to purpose build systems like Disqus, they're quite clunky.
• Using other social media commenting systems like that of facebook or Google plus. These are less plausible as that favour a specific network and may close off commentary access to parts of the commonwealth.

[simoncooper]

To add to Fiasco's response, about options:

Honeypot is already enabled and effective for a certain type of spam we see (it uses a hidden field that is activated by bots) it does not aide where human spammers add content- which would be effectively moderated by something like Mollom.

[marblegravy]

Adding my own experience - there are tools/services similar to Disqus out there that provide arguably 'smarter' moderation options using machine learning and natural language processing, but if the underlying issue is that there's a massive aversion to someone posting junk or something that could be offensive or abusive on your site, pre-moderation is your only option. Or, taking the discussion to the people as Josh suggested and having the discussion on Facebook/Google/Twitter where anything negative is an arms-length away from your site.

The other solution is part-time post-moderation where during business hours you have comments go live immediately and you can quickly take down anything that's outside your acceptable use policy but out of hours you queue them up and review them when you're available.

[aleayr]

So, to following this up, do people still think this is an issue we should solve directly in the govCMS distribution? @marblegravy Your part-time post-moderation is an interesting idea that I've not come across before.

Anyone with any feedback on this?

[pandaskii]

Mollom is fading out.

As of 2 April 2018, Acquia will no longer support or maintain the Mollom product.

https://www.mollom.com/index.php?q=eol

[tobybellwood]

We haven't had a spam comment complaint for some time, other than general user-generate spam-like content.

Honeypot is doing a good job protecting against bot spam, and as @pandaskii pointed out, Mollom is no more. Happy to reconsider if spam comments rear their ugly head again