I wake up this morning with 28 new comments on my site that all say the same thing. Apparantly the spammers have found a way to enter the captcha images via a script. The standard JomComment captcha images are not that hard to read so maybe the spammers are just getting smarter. I really don't want to have to force everyone to be logged in to comment so that's my last resort.
Now I've turned off the JomComment Captcha and turned on re-captcha which distorts the words even more and has double the number of words. It also puts lines through the text etc.. The other plus is that re-captcha uses our brain power to solve words that OCR was unable to solve. Meaning there are a lot of pre-computer books that are being scanned in and there are words that the OCR can't interpret. Re-captcha pulls those words out and gives them to us as a security text. Humans then read the words, solve them (to comment in this case) and the result is sent back to re-captcha where it's used to finish the translation of an old book to digital form. Kill two birds with one stone.
Everyone wins, you get to comment, I get less spam and old books get digitilized...
I also have my site contacting wordpress and using their akismet service to detect known spammers. I think Wordpress would have a pretty big list because they're known for being a target. Also non-registered user comments are now approved by me first. If you want your comment auto-published then log in!