Important
As of January 1st, 2009, I am no longer developing, maintaining or supporting Spam Karma. If you want to contribute to its code or download the latest GPL release, you can check out the code repository, over at Google Code.
Thanks.
1. Overview
Spam Karma 2 (SK2) is an anti-spam plugin for the WordPress blogging platform. It is meant to stop all forms of automated Blog spam effortlessly, while remaining as unobtrusive as possible to regular commenters. Spam Karma 2 is the proud successor to Spam Karma, with whom it shares most of the development ideas, but absolutely none of the code
2. Requirements
- WordPress: SK2 requires at least WP 1.5.1 (or up). It is compatible with all versions of Wordpress up to the latest release (2.1).
- mySQL: 4.0 or up is strongly recommended (some important functionalities might not work otherwise).
3. Installation
Install is the easiest ever:
- download the archive
- unzip and drop the whole SK2 folder, as is, in your
pluginsdirectory. - Enable the plugin in the WP Admin >> Plugins section.
- Browse to WP Admin >> Manage >> Spam Karma 2.
(Note: if you are upgrading from a previous install, simply overwrite the older files with the new ones in the instructions above)
Please check SK2 GPL repository for any potential downloads.
4. The Aftermath
Everything worked? Good.
Not quite?
Just check out the FAQ & Troubleshooting Page, your answer might be there. Otherwise, you can try WP.org support forums.
For bug-reports exclusively, you can contact me using this online form (do not use the old support email account: it is no longer active).
5. Tip Jar
If Spam Karma saved your life/relationship/cat/mailbox and you feel overly generous, please feel free to make a donation.
If you don’t have cash, but plenty of time to spare, consider helping out with some WP community-related projects.
6. Other Languages
Sprechen Sie Deutsch? Parlez-vous français? 日本語喋れる?¿Hablas Español? Parla Italiano? etc.
SK2 can probably speak your language !
Go here to find instructions on how to switch SK2 to a language other than English.
If your language is not in this list already (or even if it is, but you feel the translations can be improved), learn how you can contribute here.
7. Documentation and Extra Stuff
For more info about how SK2 works, what it does, how you can improve it etc, check SK2’s Documentation Blog on wp-plugins.net. Please feel free to contribute.
There are additional third-party plugins available to extend SK2’s functionalities. Check out the full list here.
SK2 will automatically inserts an “X spams eaten” message in your footer (you can disable or customize it in the admin options).
Using SK2? Eager to tell the world about it? Like having 300 little acronym buttons on the side of your page?
Say no more, we have what you need:
Feel free to download and do whatever you want with this kick-ass button, including using it on your own page, possibly with a link to this very page. However: hotlink it directly from this page, and I will unleash my legions of killer ferrets on you and your descendance, at the click of a mouse.
If you are a developer and would like to learn how you can very easily use SK2 as a support for your own anti-spam development effort, check out the SK2 API page.
If you have an idea on how to improve SK2 (and see no mention of it in the existing docs) feel free to contact me about it, but keep in mind that nearly any addition to SK2 can be done outside of the core, through an SK2 module. Feel free to contact me if you want to take on such a task and need a bit of help getting started.
Normally, SK2 should automatically check for updates on a reasonably regular basis, but consider checking that page back in a few weeks if you do not see any update.
8. What about Karma?
You mean, the sanskrit word that defines a concept in eastern religions?
I wrote an entry about it here.
9. Your comment was mistakenly eaten by Spam Karma?
10. Licensing and Legal Matters
Spam Karma 2 is not GPL. It is copyright and all rights reserved. However, it is absolutely free for download, use and non-commercial redistribution. Anything else is subject to prior written permission by myself. If you contact me, chances are I’ll say yes to any reasonable request.
External plugins (including those bundled with Spam Karma 2) are the property of their respective developers and, by default, subject to the same distribution rules.
What this mean in practice: Spam Karma is “free software”, in that it is absolutely free to download, free to use and even free to tinker with (although I typically would require any modifications made to it to be clearly indicated to potential users). What I do not want to see, though, is people grabbing a version of WP and SK2, packaging them together and selling them for $300 (as they could do, with GPL software). Bottom line is that I am not trying to make money with this, and I don’t see why somebody else should be able to without me having a say first.
Once again, this type of licensing doesn’t make any difference for 99% of users (it’s free for whatever you need it to do), and shouldn’t stand in the way of the remaining 1% with more specific needs. If you have doubt or questions, contact me: I am very open to any discussion or criticism regarding this format of licensing.
I am also very open to porting SK2 over to other platforms. Its architecture makes it extremely portable (for a WP plugin). Contact me if you think you may be interested in adapting it for another platform.
It goes without saying that this software is provided “as is”, without any guarantee of warranty of any kind, nor could I ever be held liable for any damages it could do to your system (see header of source code for details): if SK2 was to go berserk, screw up your database, delete your entire blog, kill your cat and rape your hamster (or the other way round), you’re pretty much on your own legally. It shouldn’t though.
11. Changelog
New in 2.3:
- Miscellaneous bug-fixes (UI, WP21 compatibility, compatibility with other plugins etc.)
- A few small changes in the modules (improving blacklisting module, disabling RBL for now).
- Important updates to Wordpress DB schema in order to try and improve its sluggish loading time (not directly an SK2 problem per se, but had to be done for SK2 to run fine).
2.2:
- Miscellaneous bug-fixes (UI, WP2 compatibility etc.)
- Fine-tuning of older modules to accomodate new spambot breed.
- Minor additions to SK2’s filtering modules to raise SK2 protections.
2.1:
- Full multilingual support (see available languages).
- WP 2.0 and SQL 5.0 compatibility
- Improved email integration (can flag/unflag spam directly from notification emails).
- Miscellaneous bug fixes and improvements
[...] I’ll keep my rant concise. One: Some of the best WordPress plugins are the result of long term incremental development. Two: A “really revolutionary” plugin isn’t necessary when you can combine multiple so-called “so-so” plugins together to achieve the same effect. Three: How “revolutionary” individual plugins are depends on how you use it. You’d be surprised at how creativity can bring out the power of underrated plugins. Four: Tiny “so-so” plugins ensure that we have something for every problem we face. We don’t always need “great” plugins – but we always need solutions to our problems. [...]
[...] But it didn’t last long. Within days I found out how easy it was to auto-register a log-in, and then post malicious content. It didn’t help that I was using Spam Karma 2, also known as “trust but verify…at some point in the future…maybe….” It changed a lot of behaviors so that it didn’t really stop any spam, but it did let people post without the WordPress built-in moderation controls. [...]
[...] Jag använder Bad Behavior, Spam Karma 2 och Akismet. [...]
[...] (NST recommends Spam Karma 2 with the Akismet plugin — no need to use the official Akismet file, and it works a a lot better too!) [...]
[...] Dr Dave Spam Karma 2.2 Spam Karma 2 (SK2) is an anti-spam plugin for the WordPress blogging platform. It is meant to stop all forms of automated Blog spam effortlessly, … [...]
[...] I’m not exactly sure what happened between versions. By my current understanding, Wordpress database format should always be compatible between versions, and if not, the upgrade script should take care of it. However, I met a different fate. I used to have Spam Karma installed which makes a few database changes, but none of which (I think) apply to the posts table. But I’m just going to have to find a good way to circumvent the new structure… manually adding 200+ blog entries just doesn’t sound too appealing. [...]
[...] Spam Karma 2 Tag: Wordpress [...]
[...] As an experiment I’ve downloaded and installed Spam Karma 2 to start dealing with this because it filled all those requirements and gave me more control than I thought I’d get. In the three hours it’s been installed, it’s caught three pieces of spam already and none of that hit my inbox. Score! [...]
[...] After getting a bunch of spam comments (Yay! I’m popular enough for spam!) , I went ahead and installed Spam Karma 2. This essentially assigns every comment a score (karma) by putthing it through a series of tests. The result of these tests determine whether or not a post is spam. [...]
[...] Daraufhin habe ich mich prompt mit einer E-Mail an den lieben Dr. Dave gewendet, der ja auch das SK2 konzipiert hat. Die Commenter Granularity fiel mir ja bisher auch nicht so positiv auf – hier bei uns im Blog und in allen von mir betreuten Blogs ist der Wert von mir bisher immer deaktiviert worden. [...]
[...] Handle comment and trackback spam as efficiently as possible (preferably with advanced automated blog tools such as Akismet and Spam Karma) [...]
[...] Une solution plus viable serait évidemment d’éliminer totalement le spam, mais cela relève de la douce utopie. Typo gagnerait grandement à acquérir son indépendance énergétique, par exemple en portant Spam Karma 2 dont l’architecture modulaire conviendrait parfaitement à la création de greffons pour Ruby on Rails. [...]
[...] if you look down at the bottom of this page, there’s a little message about 679 (as of the time of this post) spam comments that have been blocked by Spam Karma 2. i gotta say, spam karma 2 is very effective. wordpress is supposed to have a bit of spam protection (isn’t it? i thought it was but what do i know?), but i still got an insane amount of spam comments. [...]
[...] Als ob das Wetter dezeit nicht vollkommen ausreichen würde – seit heute bringen auch noch Kommentarspams mein Spam Karma gut zum schwitzen. Bislang war es diesbezüglich relativ ruhig hier. Mal der eine oder andere Spam-Müll in den Kommentaren, ansonsten nix aussergewöhnliches. Allerdings habe ich bereits darauf gewartet, dass es auch bei mir mal so langsam startet. In meinem Uralt-Blog war ich irgendwann mal bei gut 1000 Spam-Kommentaren pro Tag, kurz bevor ich dort aufgehört hatte zu schreiben. Und nun wurde auch mein neues Blog entdeckt – gut 200 Spams in den letzten 5-6h. SK hat sie bislang gut verpackt und alle wegsortiert, aber wenn es jetzt losgehen sollte, dass ich in nächster Zeit ständig prüfen muss ob sich zwischen diesem ganzen Abfall vielleicht doch noch der eine oder andere echte Kommentar verbirgt, dann werde ich hier weitere Massnahmen ergreifen müssen. Denn so langsam grenzt es an Vergewaltigung, was diese elenden Spammer veranstalten. [...]
[...] Täglich schlagen hier mehrere tausend SPAM-Kommentare auf – unglaublich! Die werden zwar von Spam Karma 2 mit einer 99%igen Genauigkeit abgefangen, aber die Verarbeitung im Hintergrund drückt auf die Ladezeiten im Blog hier und füllt die Datenbank im Hintergrund mit unnötigen Einträgen. [...]
[...] Täglich schlagen hier mehrere tausend SPAM-Kommentare auf – unglaublich! Die werden zwar von Spam Karma 2 mit einer 99%igen Genauigkeit abgefangen, aber die Verarbeitung im Hintergrund drückt auf die Ladezeiten im Blog hier und füllt die Datenbank im Hintergrund mit unnötigen Einträgen. [...]
[...] Spam Karma 2 : 스팸에 관심을 가지기 전부터 워드프레스 관련 검색을 하며 몇번이나 접했던 이름입니다. 소개글을 살펴보니 정말 막강한 기능을 갖추고 있더군요. [...]
[...] Hinter den Kulissen und der Fassade von meinem Blog tobt ein Krieg. Immer wieder versuchen irgendwelche Programme und/oder Leute, in den Kommentaren Einträge zu hinterlassen, die per Einbindung von Links das Suchmaschinen-Pageranking der so verlinkten Seiten nach oben zu treiben. Ist ja auch praktisch, wenn man mal eben 100.000ende Blogs und Gästebücher automatisiert zuballern kann und auf einen Rutsch millionenfach verlinkt ist. Dabei erweisen sich die Autoren als nicht besonders phantasiebegabt und meistens steht da sowas wie “awesome site, man” oder ähnliches, gefolgt von irgendwelchen Suchbegriffscheiss und eben den Links. Es gibt auch die etwas Schlaueren, die Bezug auf das eigentliche Posting nehmen, oder sich Textbausteine aus schon vorhandenen Kommetaren zusammenklauben. Aber alle, ausnahmslos alle Versuche sind bislang in den Filtern von Spamkarma hängen geblieben. Und das Dr. Dave, der Autor, auch noch Zeit und Muße hat, echt nett zu lesende Meldungen in sein Programm einzubauen, ist wirklich großartig. Beispiel gefällig? Gerne: -2: Flash Gordon was here (comment posted 4 seconds after page load). [...]
[...] Die Tatsache, dass man hier so froehlich frei und einfach kommentieren kann, ohne sich mit Captchas oder anderen Restriktionen herumschlagen zu muessen, ist einzig und allein einem Plugin fuer Wordpress zu verdanken: dr Dave’s Spam Karma 2. Das Anti-Spam Plugin ist einfach in jeder Hinsicht ein Gewinn fuer’s Blog. Die Besucher, die kommentieren wollen, bekommen von den Mechanismen im Hintergrund nichts mit, muessen keine kryptischen Captchas identifizieren oder mathematischen Aufgaben loesen – Spam Karma filtert im Hintergrund, vergibt sogenanntes Karma fuer die jeweiligen Kommentare und sortiert zudem anhand von aktuellen Blacklists Spam-Kommentare schon im Voraus aus. [...]
[...] Spam Karma – I’ve recently had an influx of shitty comments on the blog. I installed Spam Karma and it works a treat. I highly recommend you download it! [...]
[...] Spam Karma 2 is the proud successor to Spam Karma, with whom it shares most of the development ideas, but absolutely none of the code. It is meant to stop all forms of automated Blog spam effortlessly, while remaining as unobtrusive as possible to regular commenters. [...]
[...] With the spamming problem, there are a number of plugins available especially for Wordpress Users at Spam Karma 2 and Akismet. [...]
[...] Over the last week the blog has been absolutely swamped in spam. For all sorts of interesting stuff. I contemplated shutting them off but this is actually harder to do than you might think. So instead I installed a little plugin called Spam Karma 2. This piece of awesomeness is able to tell when a comment is spam or not. Hopefully it won’t be much of a hassle for the regular commentors and if it is causing you problems then email me. [...]
[...] This site had a minor attack of the spambots last night – luckily, with the excellent Spam Karma 2 on board, they only got as far as being “held in moderation”. [...]
[...] Anscheinend gibt es beim Wordpress Plugin “Spam Karma 2” von Dr. Dave eine Sicherheitslücke, sofern man es erlaubt, dass sich fremde User selbstständig innerhalb von Wordpress registrieren. Deswegen gibt es hier den Lesebefehl für alle betroffenen Administratoren – und bitte weitersagen! Ob etwas wahres dran ist, kann ich jedenfalls zur Zeit nicht beurteilen. Keywords/Tags: Exploit, Problem, Security, Sicherheit, Spam Karma, Wordpress, WP Plugin [...]
[...] Dr Dave, Autor des Spam Karma-Plugins, warnt in seinem Blog vor einem WordPress-Exploit: [...]
[...] Got this off Lorelle who got this of the [...]
[...] å‰›å‰›æ•´ç† blog 時看到 Spam Karma 2çš„ critical announcement, 說è¦æŠŠ User Registration 的功能關掉, 以å…麻煩. [...]
[...] Dr Dave, der schon gestern von mir gelobte Autor des SpamKarma Plugins, hat heute eine ziemlich dringend und ernst formulierte Warnung an alle Wordpress-User im Begrüssungsdialog des Plugins angebracht. If you are running Wordpress as your blogging platform and if you have been trusting enough to leave User registration enabled for guests, DISABLE IT IMMEDIATELY (in wp-admin >> options: make sure “Anyone can register” is not checked). [...]
[...] Der Schöpfer des Anti-Spam-Plugins “Spam Karma 2″ (unknowngenius.com/blog[1]), Dr. Dave, hat gestern vor einer generellen Sicherheitslücke in Wordpress gewarnt, die mit der Benutzerverwaltung zusammenhängt (siehe auch unknowngenius.com/blog[2], englisch): If you are running Wordpress as your blogging platform and if you have been trusting enough to leave User registration enabled for guests, DISABLE IT IMMEDIATELY (in wp-admin >> options: make sure “Anyone can register” is not checked). Additionally, delete or disable ANY guest account already created by people you are not sure about. [...]
[...] Das Wordpress-Plugin SpamKarma 2 hat offenbar eine Sicherheitslücke. Betroffen sind alle Blogs, die WordPress und SK2 benutzen. [...]
[...] I found this nifty little plugin for Wordpress that catches all the crap that spammers try to post on blogs. I’ve installed it in the hope that it’ll solve any future problems spammers might try to cause me. Installation was a breeze, but it did take me an hour to figure out how to get the footer it adds to the site looking the way I wanted it to look. It’s been a while since I had my nose in the code of this site so that was mostly to blame. Although, the placement of a particular line of code in the footer template caused me some serious headache. There is nothing more frustrating than combing through code several times only to eventually find out that you just need to move one line of code from outside the div tag to the inside. [...]
[...] 之前我对这个家伙一直不太信任,原因就在于他在第一次判断spam的时候就搞错了。当时还想如果spam失守的话,我就换成Spam Karma 2这个一直颇受好评的插件。看来,Akismet作为wordpress的官方插件还是不能小视的。 [...]
[...] WordPress has an excellent plug-in called “Spam Karma II” that allows you to make sure you aren’t being comment spammed- and post immediately (without moderation) to keep your site discussions humming without requiring your attention to every comment (you can still blacklist bad words, or go back in and edit comments easily). Some sites use Blogger- like “The ranch”- the University of Texas ad blog. Blogger ticks me off because to comment- they want you to set up your blogger blog. Just like good advertising, a good blog back-end shouldn’t force you to do something you don’t want to do (or make it difficult to contact you). Luckily- all these sites can switch to WordPress- since there is a built in import and translate function for Blogger, Dotclear, LiveJournal, Moveable type and Text Pattern- there is also a way to import via RSS – which could be used for importing from some other arcane solution. See more about importing on the codex. While there are successful blogs using tools other than WordPress- the key to good open source software is the size of the development community. [...]
[...] Hoje tomei um susto, quando eu fui dar uma olhada geral nas opções do WordPress, quando eu cheguei no Spam Karma, e ví uma mensagem gigante em vermelho, dizendo haver uma vulnerabilidade crítica atingindo o WordPress, fui lá ver, achei meio estranho, e até pensei que era um Hoax.Bom, ainda não há nada concreto dos desenvolvedores do WordPress, mas, eu segui as instruções, não custa nada, até haver um parecer final da equipe de desenvolvimento do WordPress.O esquema é o seguinte, parece que há uma falha no sistema de cadastro nos sites que usam o Wordpress, a solução é a seguinte, desabilitar novos cadastros até uma solução, ou uma melhor explicação oficial sair. Para desabilitar, proceda da seguinte maneira.Administração –> Opções –>Geral –> Todos podem se registrar (desabilite essa opção)Outra coisa, não se esqueça de apagar, todos os usuários criados que possam parecer suspeitos.O Anuncio da vulnerabilidade, foi lido Aqui.Vamos esperar um anuncio oficial para ver o que acontece.Espero não estar repassando um Hoax!! [...]
[...] Dr Dave Spam Karma 2.2 Spam Karma 2 (SK2) is an anti-spam plugin for the WordPress blogging platform. … Spam Karma 2 is the proud successor to Spam Karma, with whom it shares … [...]
[...] 本網站系統是由wordpress架設的blog, 為了避免spam, 系統上安裝了「dr Dave’s Spam Karma 2」plug-in. 目前spam karma的設定都是預設值,除了真正的廣告信外,我們並沒有手動刪除留言。如果各位留言上有問題,請寄信至regainconscience@gmail.com [...]
[...] Well, relief finally came when I found out about Dr. Dave’s SpamKarma2. [...]
[...] Je n’en pouvais vraiment plus, j’ai donc installé un anti-spam: Spam Karma 2. Si vous rencontrez des problèmes pour me laisser un commentaire, faites moi signe. On verra si ça marche. [...]
[...] Dr. Dave, the dude behind Spam Karma, has issued a warning to all WordPress users. A message popped up on my Spam Karma 2 dashboard warning of a potential security vulnerability in WordPress. Here’s part of the warning: If you are running Wordpress as your blogging platform and if you have been trusting enough to leave User registration enabled for guests, DISABLE IT IMMEDIATELY (in wp-admin >> options: make sure “Anyone can register” is not checked). [...]
[...] A few days ago, Dr. Dave of Spam Karma fame alerted WordPress users to an unspecified security issue. The workaround: disable registration of new users. Today, the WordPress folks have released WordPress 2.0.4. The security fix means it’s time to upgrade ASAP. [...]
[...] Spam Karma 2 has done wonder’s for the blogs I run. It’s efficient, easy to install and has a nice interface to manage comment spam. [...]
[...] Spam Karma [...]
[...] The first is Spam Karma 2, produced by the aforementioned Dr. Dave. It is no longer under development but as of version 2.2 it remains a highly effective tool, and one of the most downloaded security plugins for WordPress. [...]
[...] Spam Karma Und hier etwas in “WordPress-eigener” Sache. Dieses PlugIn versucht, den Kommentarspam in diesem Blogsystem einzudämmen. http://unknowngenius.com/blog/wordpress/spam-karma/ [...]
[...] Spam Karma Und hier etwas in “WordPress-eigener” Sache. Dieses PlugIn versucht, den Kommentarspam in diesem Blogsystem einzudämmen. http://unknowngenius.com/blog/wordpress/spam-karma/ [...]
[...] Well, I’ve got some good news! After months of fighting with spam comments which worked their way into every corner of my site, deleting thousands by hand only to have thousands left and thousands more to come, I believe I have found a cure. I’ve installed a Wordpress called Spam Karma 2, which so far has been extremely successful – and it actually took care of just about all the spam! No promises, of course, it could all be back tomorrow, but this seems to be a very big step in for spam fighting here at SHS. [...]
[...] Dr. Dave SpamKarma. Some people use Askimet, the standard spam plug-in for WP. Due to his nature, developped by a commercial company I don’t use it since the past has learned me that open source licenses change sometimes very fast. SpamKarma is easy to install and cann easily be customized. [...]
[...] Spam Karma habe ich inzwischen durch Akismet ersetzt. Damit soll der Spam abgefangen werden, der sich trotz der Rechenaufgabe einschleichen kann, Trackback-Spam beispielsweise. Dies hat allerdings keine funktionellen Gründe, Spam Karma hatte seine Aufgabe immer zu meiner vollsten Zufriedenheit erfüllt. Der Austausch ist lediglich mit meiner Bequemlichkeit zu begründen: Beim Einsatz von Akismet sehe ich sofort nach dem Klick auf “Verwalten”, ob abgefangener Spam geprüft werden muss (die Anzahl der geblockten Beiträge steht direkt im Menüeintrag), bei Spam Karma war hierfür ein weiterer Klick notwendig. Ich nenn das “Workflowoptimierung” [...]
[...] Then look at using Spam Karma [...]