The daily comment spam is getting worse and worse -- easily 100+ per day. It never makes it to the website because WordPress is setup so I need to approve all postings, but it is a PITA to weed
through the spam to find the occasionally real comments.
I've seen on Jeremy Zawodny's blog that in order to post, you need to type *his* first name in one of the forms. Not rocket science if a human is making the posting, but perhaps just difficult enough for the spammer's script to fail. The other nice thing is you can always change the question to something equally as trival. Say, "what the the color of the sky?" or "3141592 is my favorite number, what is my favorite number?"
Jeff Barr posted an entry on exactly how to do that in Wordpress. The only thing that was a little tricky was the change to wp-comments-post.php was on line 22 in my copy of the file. The difference because the file is a DOS format and emacs displayed it with ^M^M at the end of each line (essentially halving the
number of line Jeff saw.
The changes work for me...