• Home
• About
• Contact

Subscribe

Upcoming Book

Ads

Anti-Spamability of .NET Engines

In the past I have written some posts about online spamming and have had some works around spam filtering as well. My recent work on Waegis, that is a very serious and high level work on this level, was a good reason to find new facts about different types of spams and how to defeat them. I also found many facts about our current position in the fight against spams and our methods.

One of these facts is about the features that are provided in web applications and content engines to make this progress easier.

Developing integrations in different .NET blogging engines for Waegis was one of the latest stages of my development before launching the private Alpha 1 version of this service but I had some problems to achieve what I had in mind. So here I just want to give a short discussion about anti-spam features in .NET web applications especially those common engines including Graffiti, Community Server, BlogEngine.NET, Subtext and DasBlog with a hope to see improvements in some areas to make things better. This is especially because I know that builders and leaders of many of the common .NET engines are reading my blog and can understand these facts to help improve related stuff.

Anti-spam features of a content provider system, CMS or blogging engine can be one of the good features to attract users for that system. There is no doubt that everyone who wants to use such a system in a professional level, will have some concerns about spamming.

The capability to prevent spams and auto-moderating suspicious content is one of the first and obvious features that you would look for in your web applications. Apparently no one has time to moderate all the comments, trackbacks or forum posts on a site and at least is looking for a way to do this for less number of items.

Fortunately nowadays all CMS' and blogging engines know the necessity for such features and somehow provide built-in and extendable features to work around this. A variety of these features like the support for some online services like Akismet, various CAPTHCA controls and IP flooding mechanisms as well as general spam rule frameworks are available in all these engines.

Here there doesn't seem to be a problem in general except one: the extensibility of such features. How easy is to adapt and integrate something new with an engine? Unfortunately here there are some problems for some .NET engines.

While some applications like Community Server, Graffiti and BlogEngine.NET have excellent extensibility features to make this happen but some engines like Subtext and DasBlog (that are very well-known and popular) don't have good support for them.

In regards to Waegis, I was very interested to provide integrations for all these .NET engines but at the middle of the process believed that this requires tweaking the core source code of the engine that isn't possible. Neither Subtext nor DasBlog have any extensibility features to cover the spam filtering aspect of the engine and this is one of the negative points about them. Both these engines have support for Akismet and some CAPTHCA controls but there isn't any way to integrate a new service with the engine or for example, add a new rule to it.

Not only for the lack of support for new services but for the lack of extensibility to adapt with new spamming mechanisms, this is a problem, though! Everyday new anti-spam methods are coming to the world and it's worthwhile to be able to adapt things with them. In regards to online services, after Akismet two other services are now public and my Waegis will be there in a few weeks as well. So why not benefit from the new methods? Of course, searching for Waegis, I found that Simo is working on an integration for Waegis in Subtext but I'd really love to see an extensible framework that lets everyone work on such stuff easily.

The other aspect of anti-spamability features is the capability to moderate items coming to an engine. This includes the capability of moderating items and un-moderating them as well and having appropriate events to handle these operations.

But what's the benefit for such features? This lets you drop bad stuff from your site and more importantly it lets you have a personalized anti-spam filter. Those who are familiar with anti-spam mechanisms, would know that having a personalized anti-spam based on the data provided for a special instance is more effective than a general filter based on data for all instances.

Here there are some problems for .NET engines as well. Fortunately BlogEngine.NET has all the necessary means to achieve this. Graffiti is the same but had a minor issue that is now fixed for version 1.1 (thank to Scott Water and Telligent).

But for Community Server, this varies for different versions and things are achievable but not in a straightforward way. Of course, new versions have a better support than older versions. For Subtext, things are supported very well but again, the lack of extensibility mechanisms doesn't let to use them easily. And for DasBlog, there isn't good mechanism at all!

Moreover, I think that we need to have separate mechanisms for comment moderation and comment spam filtering because these are not same things. Sometimes you may want to moderate a legitimate content but at the moment all .NET blogging engines use the same mechanism to deal with spams!

Unfortunately I would say that PHP engines like WordPress or Movable Type have done much more work in this area than .NET engines and this has let them to grow against spammers significantly.

As a conclusion, from one view Graffiti, BlogEngine.NET and Community Server have the best level of support for spam filtering while Subtext is something at the middle. Unfortunately DasBlog hasn't shown a good support in this area yet!

I hope that we see a better support for spam filtering in our engines in the future.

1 Comment : 06.10.08

Feedbacks

Leave a Comment

Name

Mail

Website

Comment