Because I don't want to add captchas to Workbench, this weblog has been drowning in comment spam. Since I began accepting comments in September 2002, I've received 13,000 legitimate comments and 172,000 spam.
I'm trying a new technique this week that makes spam easy to detect by putting a bunch of bogus text areas on a weblog form, hiding them with Cascading Style Sheets, and checking them for input when the comment is submitted. I call these fields comment flak.
Spammers typically put their junk comment in every text area on a form. When text shows up in any of these flak fields, my blogging software treats it as spam.
I've written a new Comment-Flak library for PHP that makes it easy to use this technique on any weblog published with PHP.
So far, 100 percent of the spam submitted to this weblog has been caught by this technique. This will drop if the technique becomes popular, but I'm hoping people will offer tips on how to make it harder to beat. The code has been released as open source under the GPL.