gsb: today I was looking over comments on this post. If one hovers over the commentator’s name one can see the IP, or resolved domain, of the person who posted. Of course, there’s probably ways around this kind of thing, but it might be a good start. Can we have something like this?
FWIW, my experience is that both trolling and spamming were greatly reduced once I implemented this.
Related:
Comment spammers don’t care that their IP address is being revealed. I have banned more than 200 IP addresses for posting comment spam. They always come back at new ones.
I think sharing the IP addresses of all your commenters is a bad policy, as I wrote today on Workbench. It may scare off some trolls, but at the expense of a bunch of legitimate users who might not want to share the details that can be gleaned from their IP address.
Everything is a balance. At the moment, I seem to be able to attract healthy enough discussions, and the combination of defenses does seem to keep many of the trolls and spammers at bay.
I’ll also note that I’m in good company: virtually all wikis employ a similar strategy.
I also aggressively implement trackback, pingback, and automatically mine referers and harvest extractions to enable those that have weblogs to participate remotely.
But, if there was enough demand, I would certainly be willing to create a registration system that would enable trusted users to comment without revealing their IP addresses.
I don’t mind authentication — I’ve joined TypeKey and umpteen other systems to comment. This is the first I’ve read of OpenID.
I’m unclear on this point: If my OpenID server tells your blog I’m Rogers Cadenhead, what stops some prankster — let’s call him Mark, say — from claiming to be Rogers Cadenhead next week and posting here as me? If there’s no password, what’s to prevent it?
Sam,
I think what reduced spamming and trolling will also lead to privacy violations if this practice spreads widely. Even if search companies filter out IP addresses as keywords, private bots will harvest IP addresses for whatever reasons they might have. For example, I could see myself doing this to assign risk to IP blocks based on the behavior of the IP pool users. I’ll be able to measure the stickyness of each IP block from crawling also.
Meanwhile, spammers will just use anonymous proxies when this practice becomes common place.