The Akismet system has been protecting WordPress bloggers for a while now from comment and trackback spammers. It was a great system, protecting even small blogs from 1000’s of spam comments. The system depends heavily upon users marking these comments/trackbacks as spam and reporting them back to Akismet as such via the WordPress plugin. This means that many innocent bloggers are “false positives” in the Akismet system due to either malicious or ignorant behavior on the part of other bloggers.
I Got Tagged By Akismet
On Friday, I noticed that comment posts I entered at several sites I visit regularly weren’t showing up. Normally, they would show up right after I posted the comment. The first time, I thought, “Well, that’s strange. Maybe they changed their moderation rules.” The second time, I figured something weird was up. So I used the contact form for that blog and it returned the error message that I was flagged as Akismet spam!
So, I went to the Akismet page and filled in their contact form asking for them to correct the problem. Will they correct it? I don’t know. They don’t make it very clear what you should do in a situation like this. Their contact form is very generic and doesn’t allow you to describe the problem or get priority consideration for them to correct their mistake. However, at least they’re smart enough to know that their system does generate false positives so they just use a math question verification system on the contact form.
More False Positives By Akismet
It’s not just me. Many bloggers are being marked incorrectly as ’spammers’ by people who don’t like them for one reason or another or who’re simply ignorant and incorrectly marking any and all trackbacks as spam. I’ve had a number of people who’ve posted comments here on OpTempo have false positives in the Akismet filter. And I’ve also found a number of blog posts describing this situation.
Vic, of Blogger Unleashed has been marked this way, apparently more than once. He can be quite opinionated and several people have ‘rewarded’ his outspoken behavior by marking his legitimate comment posts as spam. Since both he and I were recently involved in a difference of opinion with a particular blogger so we were wondering if this wasn’t the source of my problem. To update, it wasn’t, but being banned like this makes you a bit on the paranoid side, wondering who you might have unintentionally upset.
Over at The Great Startup Game, they report their experiences with this situation in this post: Automattic Kismet / Akismet: the little company that dropped the ball. It’s a nice article on how the whole Akismet process lacks transparency.
At Web Marketing HowTo, Robert says that he’s currently encountering this problem as well.
Since we both recently left comments on the same blog, Remarkablogger, and given the way they word some of their articles, I have to wonder if someone doesn’t have an itchy trigger finger when it comes to what they think are spam comments or trackbacks. I didn’t write that sentence well. What I meant to say is that the way some bloggers write things it can make you concerned that they’ll ’spam’ you for the least little thing.
[link and name removed by request] takes the system to task in this article, I Hate WordPress. He calls Akismet a “Child of Frankinstein spam machine”. From what I gather, he got tagged as a spammer by someone who objected to something he had written.
Gaming the Akismet System
Unfortunately, it seems that the Akismet system may be very open for a malicious troll to drop the ban stick on you using black hat methods, thus limiting how you can socially interact with other bloggers as well as promote your blog. The system seems like it could be used to sully the name of anyone you don’t like or to backstab a competing blog.
Here’s how an Akismet ban attack could go down.
Someone who didn’t like your comment on a particular topic on their blog could take your information, your name, email, and URL, throw them into a comment spamming program, which are easy enough to find, and generate hundreds of spam comments apparently from you. To further cover their tracks, they could do this through a proxy server or run it as a PHP process on a shared server at a popular hosting site. Of course, most of these blog owners who got the ’spam’ would flag these comments as spam. This would result in your credentials being incorrectly marked as spam comments by hundreds of bloggers, thus damaging your ability to promote your site.
To make matters worse, Akismet apparently doesn’t do IP tracking. It seems that they could figure out that there were 10000 spammy comments from one IP address and 150 legit comments from another address. But, apparently, they don’t do this.
Akismet, Time to Come Clean
Akismet needs to come clean with what they’re doing to prevent this kind of attack and to become more transparent when it comes to reporting a false positive situation. They’re apparently relying too much on automated systems and this leaves the whole process open to exploitation by malicious individuals.
Furthermore, they seem to place a lot of weight on just a few reports which could be simply ignorance of how trackbacks work or perhaps someone reacting out of anger to a negative comment.
Lastly, they need to make it crystal clear how to get your credentials cleared after being given a false positive status in the system.
Having an anti-spam system for blogs is important. However, having an anti-spam system that can’t be easily gamed or that gives credibility where credibility isn’t due is also important. Akismet needs to step up and correct these serious and growing problems in their system.
Have you been the victim of an Akismet false positive? Have you gotten a lot of Akismet false positives in your filter? Leave me a comment and let me hear your opinion.