Mollom in Jobat

I was recently interviewed by Barbara Vandenbussche for Jobat, a Belgian employment website with a weekly print magazine written in Dutch. The interview (PDF, Dutch) talks about Drupal, but also mentions Acquia (my other startup) and Mollom. It is the first time that Mollom was prominently featured in the printed press, and that needs to be celebrated with a blog post. Yay!

Website spam protection in the enterprise?

Kas Thomas, a CMS analyst at CMS Watch, published a great article on Mollom and the future of website spam:

"If you're in the process of selecting a Web CMS and/or Social Software vendor, and you plan to deploy public-facing blogs or wikis, be sure to take comment spam mitigation into account. Moderation of comments (by humans) is inherently costly. A SaaS service like Mollom or Akismet may not completely eliminate the need for moderation but could be money well-spent. One thing is certain: spam is something you need to budget for and architect around. Ask your vendors what kind of help you can expect from them. And don't settle for the sound of crickets chirping."

When at Gilbane last week, it was clear that nearly all enterprise WCMS vendors are working hard to integrate blogs, wikis, forums, tagging and voting into the core of their offering. Clearly, Web 2.0 is currently receiving the level of attention in the enterprise that it got in the open source world two years ago. Maybe by 2010, they'll have support for OpenID, oAuth, XFN, Twitter, etc. just like Drupal has today. ;)

Anyway, Kas Thomas of CMS Watch is right. Allowing users to react, participate and contribute while still keeping your site under control can be a challenge. Spam is something you need to budget for and architect around. At first glance, I don't think any of the vendors at Gilbane had a strong anti-spam offering, if an offering at all. In fact, I wonder if they understand the spam problem that is ahead of them now that they have begun opening the flood gates on user generated content.

At Mollom, we have a Mollom client API making it possible to integrate spam protection in your CMS and other web applications. The last couple of weeks, Ben and I have also been working on a Mollom reseller API that will allow vendors to seamlessly integrate Mollom into their SaaS offerings and eventually to become a Mollom reseller. You'll be able to create, update, delete and manage Mollom access keys without ever having to send your users to The combined set of APIs should give more vendors access to anti-spam technology before 2010 ...

More about our reseller API later, but feel free to drop us an e-mail if you want to help beta test or become an early reference.

How Drupal uses the Mollom API

Mathias is working on a Mollom plugin for WordPress. To help him out, I created an image that illustrates how the Drupal module for Mollom blocks comment spam. If you're working on a Mollom plugin for your favorite CMS, this is how we recommend you use the Mollom API.

Mollom as a reputation service

A while ago I wrote about spam, OpenID and Mollom. I mentioned that at Mollom we are maintaining an internal reputation for OpenID identifier that we encounter while assessing submitted content. In addition to that, we could also asses the reputation of the OpenID identify provider (IdP), which is useful in its own right.

It is still early days, but I believe that any identify system (i.e. OpenID) needs a reputation component (i.e. Mollom). I also believe that any reputation system needs to be able to establish an identity first.

Mollom's reputation system tries to predict future behavior by looking at past behavior. To do this, Mollom keeps track of past behavior, and updates the behavior as it receives more data about the user. At the same time, Mollom forgets. In other words, one must consistently behave well to maintain a good reputation.

At Mollom, we plan to open up our reputation system through an API (i.e. mollom.getReputationIdentity('')) or mollom.getReputationProvider('')), but before we do, I'd like to solicit some feedback and invite people to participate.

Nothing drives API design better than concrete use cases and experiments in the field. How would you like to consume reputation information? What format should we use so reputation information from different sources can be combined? How can your application help us build and maintain reputation profiles? How do we prevent abuse?

I don't expect that we can answer these questions overnight, but if you want to collaborate or prototype a few ideas, let us know. Should be fun!

Second .NET library for Mollom

Microsoft developers are jumping over the walls here at the Mollom headquarters! Tom Adriaenssen also wrote a Microsoft .NET library for Mollom; see Tom's announcement. While Jelle's .NET library for Mollom uses the Microsoft Public License, Tom's library ships with a MIT license -- both are approved by the Open Source Initiative (OSI). We added both libraries to the Mollom download page. Hopefully dasBlog and DotNetNuke plugins will follow soon. Oh, and we could use some controls too! Anyone working on those?