Question about “Validate the ip address of commenters”

In the wiki there is some (short) explanation:
https://github.com/pluginkollektiv/antispam-bee/wiki/en-Documentation#validate-the-ip-address-of-commenters

More details:
This feature is taking the ip address and resolves it to a hostname, then it takes the hostname and resolves it to an ip address. Then we compare if the host is identical to original ip.

This would be a great tool to see if an ip address is fake or not, but there are reasons why this won’t work. Load balancer for example would resolve one hostname to different ip addresses (aka server), so these test is not very useful and should be disabled if it produces more false positives than it catches spam.

As these data is not saved (just the result) and the check is made from the server it is compliant with the GDPR to our understanding.

All the best,
Torsten

if I deactivate the public database check, it compares the comments with my local comments that are marked as spam.

This mixed up a little bit…

If you *activate* the *local* spam database it compares new comments with comments that are marked as spam:
https://github.com/pluginkollektiv/antispam-bee/wiki/en-Documentation#look-in-the-local-spam-database

For the *public* spam database we need to send the unshortened ip address to this service, so that is not GDPR compliant. Because of this we will maybe remove this feature with the next release.
https://github.com/pluginkollektiv/antispam-bee/wiki/en-Documentation#use-a-public-antispam-database

Does that mean Antispam Bee will not filter anything from my contact form?

That’s correct.

All the best,
Torsten

Yes, that would be my recommendation. But I think this always need to be evaluated for the individual case.

You can mark the spam and check it. Does this reason really happens very often or does it produce many false positives? If it works for your audience the use it otherwise better disable it.

All the best,
Torsten