Scoble writes that WordPress.com has strong comment spam protection, but that it sometimes gets false positives.
I’ve found nothing better for spam protection than WP-Hashcash, which uses Javascript to make sure it’s a human entering the comment, not a robot, but without captchas or other stuff the user has to do. Works like a dream.
The only down side is it doesn’t work with some older WP templates. So while this site is fully spam equipped, my personal blog won’t run it until I upgrade the template (probably a project for Christmas time).
But apart from that, for WPers out there, I can’t recommend it highly enough.
Combined with settings that ensure firsttime posters go straight to moderation (subsequent postings are approved automatically) it ensures that those damn spammers never get their comments published on my site.
I might add that the company I work for (which develops B2B messaging systems) is working on a new site. To encourage them to update it regularly (some might call it blogging, but I’m emphasising “regular updates to existing and potential customers”) I’m building it on WordPress. Given WP’s ability to do a site of static pages and dated entries, it should work very well.