It doesn’t matter much on this site if somebody’s comment about World of Warcraft doesn’t make it through, but as Wordpress gets more and more widely used, with spam traffic always increasing, then the issue is only going to grow. Based on the assumption that there will always be false positives, the ability to easily identify them will be critical.

Scenario: A comment spammer sets up a test blog with Defensio installed (only used here as the example as it’s the subject of this post) and then proceeds to hit it with his own spam. The spammer can then monitor the spamminess of each comment in order to learn which elements of each comment contribute to the spamminess score being higher.

In theory this would allow a comment spammer to develop spam comments with a low spamminess score, and then proceed to hit live blogs with them.

Obviously over time Defensio’s database of spam and it’s algorithm will evolve to eliminate such comments as they’re reported by blog admins, but the theory and the possibility is still there. Akismet’s approach of not revealing a comment’s spamminess eliminates the possibility of gaming the system.

It’s unfortunate that false positives occur. It would be interesting to see if Defensio and Akismet have similar false positive rates.