I think that I am making this more difficult than it really is, but I can't seem to get the spam protection to work correctly.
I'm using the mollom and spamprotection modules (both version 0.2) with Silver Stripe version 2.3.3 on a linux server. I placed the line SpamProtectorManager::set_spam_protector('MollomSpamProtector'); in the my site/_config.php file as outlined in installation instructions and thought I was done. Apparently I was wrong.

I've tested this on different computers and in different browsers and it's just not working consistently. It flagged comments on one page and requested the user (me) to complete the captcha field. I abandoned the comment and did not enter the captcha data. The next page I visited was a blog post where I was allowed to enter spam type comments without challenge. I had not entered the captcha data on the previous page so why did mollum allow me to enter any old nasty comment on the new page? I tried the same test on another computer and it didn't question my humanity at all. In total, I think it asked for captcha data once for every twenty attempts to input spam type content. The really weird thing is that the only browser that it actually asked for the captcha was IE7.

I know that it's not an issue of being logged in and I've cleared cache, refreshed, flushed and everything else I could think of. Did I speed read the instructions and skip something important? Was there something in addition to the one line in config.php that needed to be added? It was my understanding that this would work on all pages including the blog module and that only time I would need to add additional code would be if I were to create a custom form. So why isn't it working? I would be very grateful for any useful suggestions. I would like to be able to offer comments on the pages, but I really don't want a repeat of the other day when I had to delete 4350 pieces of spam.

Thanks!

PS: I'm not sure if this is a related question, or something that should be in its own thread, but does mollom filter confirmed human comments? Just because a comment is entered by an actual person doesn't automatically make it appropriate. Do I have to physically go in and moderate, or will mollom send comments with certain words directly to spam?

How mollom works is we post the comment to mollom, it comes back with a rating and based on that we show the captcha. My guess would be mollom is just accepting your comments (note that it uses alot more then just the content of the post to work out if it is spam). You can train mollom that those comments are spam by clicking the mark as spam button which will notify mollom that this is actually spam.

If mollom gives us back "Yes this is not spam" then there is not much we can do about it. Make sure you are not logged in as a user (this will bypass the captcha).

You're saying that if it challenged me at least once then it is most likely working. I guess the best test would be to allow comments on one page and see if I get nailed by bots again. Sigh... I remember when web design was as easy as typing a few html tags and adding an image. Now we have to be proactive and vigilant about everything.

> Make sure you are not logged in as a user (this will bypass the captcha).

This a very valuable information. Wish I had it earlier... There is no mention in the docs.

Regards,

f.