The “GrowMap Anti-Spam Plugin” greatly reduced my spam. However, it did not reduce spam to zero.
If you have a vanilla WordPress setup, it’s too easy for spammers. They can POST directly to the comment.php file, without even reading your blog.
The “GrowMap Anti-Spam Plugin” fixes this problem. The spammer can’t directly post to comment.php.
However, there is a glaring defect. The spammer can update his script, to account for the GrowMap Anti-Spam Plugin!
One spammer did this. I had to take additional measures to block him.
There’s an obvious solution. Instead of making it the same all the time, the spam plugin should semi-randomize its output. It should always seem similar to a human user, but extra fields can be added or renamed, to keep out the spammers.
I also added a trackback verifier. It greatly reduced trackback spam, but it isn’t perfect. I can get a “real” trackback from a spam blog. A “spam blog” is a computer-generated blog that’s 100% content scraped from other sites, designed to fool Google into ranking it highly from certain keywords.