For one thing, it’s just not economical to write a spambot to defeat every countermeasure that is developed. This is a game of maximum effect for minimum effort; if .01% of the WordPress blogs implement this method, who’s going to bother spending the time programming a spambot to outsmart it?

For another, I explicitly state: don’t implement this on your blog exactly as I’ve written it. I point out a number of places where you can customize this method in order to delay the spambot programmers identifying a pattern. And even if you don’t post the inner workings of your anti-spam system, that doesn’t make it inherently more effective. Akismet is pretty secretive about how it identifies spam. But each time someone figures out how to fool Akismet, that spammer has a window in which he/she can post spam to thousands of blogs until Akismet is updated.

If this system doesn’t satisfy you, you could try developing a method like the one I alluded to in the post:

One in which a visitor who wishes to leave a comment is required to complete a challenge-response question, the correct answer to which is used as part of the name of the script, so that the path to the script doesn’t exist anywhere until the visitor creates it.

Or modify the timestamp method for reducing spam.

Lastly, all I really intend to do here is to block some of the spam before it reaches Akismet in order to reduce the number of database entries. I’m not trying to solve the spam dilemma, just hoping to lighten the load on my server.

Thanks for your comment.
-Oliver

Brilliant stupidity.

I know that this isn’t the end-all solution to comment spam, but I think it should be very effective against the current field of bots; in the 24 hours since I implemented the method, I’ve received zero spam.

I really like your step 4 – very clever.