So, no ethical dilemma, though I was trending anyway toward Jeanne’s no-problem-here enjoyment of the spammers doing the OCR for us.

I ran a test: did a couple of comments 1) bad info in reCAPTCHA box and 2) no info in reCAPTCHA box. Both comments were tagged as spam and my Akismet filter caught them. When I installed reCAPTCHA I thought it tossed comments if the images weren’t successfully “read” by the commenter. I was wrong about that, it apparently just tags them as spam.

Doesn’t this indicate that spammers aren’t necessarily interacting with reCAPTCHA at all? I guess I need to know if your blog software is picking up that the comments are spam or are they getting posted as viewable/legit comments?

I’m one of the engineers who works on reCAPTCHA. We’ve found that sometimes the way spam detection works in wordpress can be confusing.

Please see our FAQ on this matter:

reCAPTCHA WordPress Plugin

The reCAPTCHA WordPress plugin uses a CAPTCHA to prevent comment spam. Here is how to add reCAPTCHA to your WordPress blog:

1. Download the zip file.
2. Unzip the recaptcha folder into your WordPress wp-content/plugins directory.
3. Activate the plugin on the Options | Plugins Management page of your WordPress admin site. A web form will prompt you to enter a public and private API key. You can sign-up for the keys at the ReCAPTCHA site using the link provided, and then enter them in the text fields to activate the plugin.
4. That’s it! Your reCAPTCHA widget should now appear on the comments page.

FAQ
HELP, I’m still seeing comment spam

There are two common issues that make reCAPTCHA appear to be broken, but are actually not problems.

* Moderation emails: reCAPTCHA marks comments as spam, so if you get moderation emails when spam comments are sent, you will get moderation emails for all spam comments with reCAPTCHA. We highly recommend turning off moderation emails with reCAPTCHA.
* Trackbacks and Pingbacks: reCAPTCHA can’t do anything about pingbacks and trackbacks. You can disable pingbacks and trackbacks in Options | Discussion | Allow link notifications from other Weblogs (pingbacks and trackbacks).

We’ve looked at the logs for your site and only seen about 40 solutions from your blog (all correct). If you’re still having spam issues, please contact us at support@recaptcha.net.

I definitely have been getting more hand entered comment spam (in addition to trackback spam that reCAPTCHA doesn’t prevent) – but for now it is still manageable.

I guess the next step is slightly more controlled communities – ones in which you must register in order to comment. There are definitely existing popular sites that moderate the first few comments posted by a new member and therefore discourage manual spam of the type you are describing – but then permit unmoderated comment posting after the user has proven they are a real person with a desire to contribute. That model sounds like a fairly sustainable one. My gut tells me that you would spend about the same time approving new posts by new ‘blog members’ as you used to spend yanking hand written spam posts – but perhaps it gives you the opportunity to build more of a community around your blog? Would some folks NOT comment if they had to register? Probably… but there is no perfect answer to all this. Of course this also begs the question if the hand-spammers wouldn’t just register along with ‘real’ people and see if they could sneak under the radar.

Are you certain they are real people? It’d be interesting to mirror this site elsewhere, but using a different captcha technology. If the spam stopped, perhaps it really would indicate a flaw in recaptcha. I wonder if there are wide scale statistics on amount of spam received by users of different anti-spam techniques. Hmmm….