Plugins You can find out about all the publicly available Grails plugins.

Akismet Anti-Spam Plugin

  • Tags: antispam, akismet
  • Latest: 0.2
  • Last Updated: 08 August 2010
  • Grails version: 1.3.2 > *
  • Authors: Erik Pragt
1 vote
compile "org.grails.plugins:akismet:0.2"




Install this plugin by typing: grails install-plugin akismet

Please read the installation instructions for further installation and configuration.



This plugin uses the Akismet service to check for spam messages. Akismet is also used for popular blogs like Wordpress to prevent spam from appearing in the comments. A key for this service is needed, which can be requested here for free for personal use.

The plugin requires a key, a site name (usually the name of the blog), and optional provider.


You'll need to place the following configuration element in the Config.groovy

akismet {
    key = "<your-key>"
    site = "<your-website" // eg
    provider = ""  // or


Tomas Lin mad the suggestion to support Typepad as well. Typepad has a more friendly licensing scheme, but it also a little more aggressive on assigning a spam status to some messages (based on some quick testing). Since it has the same API, adding support for it was easy, so this can be configured now with the provider configuration. It's optional: adding no provider will use akismet, but you can change that to Typepad. You can request a key for typepad here (+)

rest.akismet.comFree for personal use
api.antispam.typepad.comFree for all use


There is some debug logging available. This can be enabled by adding the following line to the Config.groovy Log4j DSL:

log4j = {
     // other logging configuration...

debug "nl.jworks.akismet" }


The Akismet functionality is located in a service. This means you can use it eg. by defining a field in your controller, call the service methods, and you'll get an answer immediately. A small example of this:

class BlogController {
   def akismetService

def addComment = { def comment = new Comment(params)

if (!akismetService.isSpam(request.remoteAddr, request.getHeader('User-Agent'), request.getHeader('Referer'), "", "comment",, comment.emailAddress,, comment.text)) {"Comment ${comment.dump()} considered okay. Posting it")

// logic here } else { log.warn "Comment ${comment.dump()} considered spam." } } }

The Akismet Service has the following methods:

verifyKeyChecks if the configured key is correct
isSpamThe core of the service. Checks if the supplied information is considered spam by the Akismet Service. Returns true if the submitted information is spam, false otherwise.
submitSpamSubmits new information to Akismet to be considered spam
submitHamSubmits false positives to Akismet to be considered NOT spam

Most of the calls take the same parameters, so I'll document them only once:

blog (required)The front page or home URL of the instance making the request. For a blog or wiki this would be the front page. Note: Must be a full URI, including http://.
ipAddress (required)IP address of the comment submitter.
userAgent (required)User agent information.
referrerThe content of the HTTP_REFERER header should be sent here.
permalinkThe permanent location of the entry the comment was submitted to.
commentTypeMay be blank, comment, trackback, pingback, or a made up value like "registration".
commentAuthorSubmitted name with the comment
commentAuthorEmailSubmitted email address
commentAuthorUrlCommenter URL.
commentContentThe content that was submitted.

For the not required items, you can just supply a null value. When you don't have access to the optional values, just supply null values. It is recommended however to supply as much information as possible.