The following links provide documentation on the Spam Blocker, which is a configuration interface that allows the board administrator to set up options designed to prevent automatic posts on the discussion board. These spam-blocking features, and hence this interface, are available in Discus Professional only (they are not available in Discus Freeware).

The problem this interface attempts to address is that of "comment spam," where automated processes ("spam bots") attempt to post messages onto discussion boards, comments onto blogs, and content into feedback forms. The motivation of the spammer to do this is twofold. First, someone might actually click on the links that are posted in these areas, thereby visiting the spammer's site. But second and more importantly, if these links are left on pages that are indexed by search engines, this may result in a higher placement of the spammer's site.

Discus Professional implements features designed to combat this annoyance, which can generally be broken down into four different types of checks:

• Checks to see if the poster is a "spam bot" or a human: Since it would be inefficient for a spammer to visit pages manually and enter posts, they employ automated processes to search the web for them. Since many "spam bots" do not correctly handle hidden fields, cookies, or the HTTP protocol correctly, but most web browsers do, Discus Professional has a series of tests to stop "spam bots" that do not comply to these standards. This will never be a catch-all, since the designer of a "spam bot" can circumvent any such checks by designing a standards-compliant program. A second type of test in this category is a "CAPTCHA" test (an acronym standing for Completely Automated Public Turing Test to Tell Computers and Humans Apart). The most common implementation of this, and indeed the way this is implemented in Discus Professional, is to display a code as an image, and require the user to re-enter that code into a text box.

• Checks the content of a post: "Comment spam" typically consists of one or more URLs to external sites owned by the spammer. Historical features of Discus (such as the profanity filter) and new features specifically designed to combat this problem (such as limits on the number of URLs in a particular post) provide some level of protection. Discus Professional also has a client to a proprietary DiscusWare "collaborative spam signature system" which attempts to provide a spam probability based on content, as posts to all sites subscribing to the network are compared.

• IP-based checking: In addition to the IP banning features that have been available in Discus Professional since its inception, anti-spam IP features have been included to prevent problems before they start. These include the ability to use DNS-based realtime blackhole lists (RBLs), whereby the administrator may check the IP address of all message posters against one or more of these lists that are designed to flag open proxies and known spam sources. Additionally, because an attack by "spam bots" can increase the load on the server, the board administrator can automatically populate an .htaccess file that, if recognized by the server, will ban IP addresses at the server level.

• Checks for other oddities: This category of checks will look for things that spammers may do, that ordinary web browsers would not do. Currently the check within this category analyzes the HTTP_REFERER value, which spammers often forge so as to get even more links back to their site if web logs are analyzed and the results are posted.

• Spam Blocker Settings: A description of the first page of the Spam Blocker interface, including a summary of the features being used and, for those settings specified on this page, a description of how to enter those settings.

• .htaccess File: How to use .htaccess files to block spam bots from even invoking the Discus posting program.

• Collaborative Spam Signature System: An overview of the collaborative spam signature system, including setting up the client within Discus Professional. Please note that the access policy for the Collaborative Spam Signature System is covered separately.

• Setting up CAPTCHA: A document of the necessary Perl modules and other setup steps to use the CAPTCHA functionality of Discus Professional.