Gremlins ate this CAPTCHA, but Mollom is fighting them.

It means the CAPTCHA has expired. Mollom dynamically generates CAPTCHAs and keeps them around for x hours. After x hours, we remove the CAPTCHA.

The development version of Mollom for Drupal 6 has some extra debug code to help us/you track down CAPTCHA problems.

The fact that you get this message, suggest there might something wrong with your Drupal caching (and not necessarily with Mollom). If the problem is reproducible, I suggest trying out the development version of Mollom to see if you can learn anything extra. Check the watchdog / error logs and share the Mollom specific error messages in this issue.

Hello Dries. I'm working with yang_yi_cn on resolving this issue for the site we're working on.

Here's the error message we are getting in our Drupal reports:

Mollom ID '0909178e967140d3c0' has been tampered with: it was generated for a user with sid mf7v0urbtc3oc231ngj9eadlt5, but is used by a user with sid v0rf33qbk2pcpipbrggagsr2a4.

I've updated our mollom module to the latest version 6.10 and this is still happening.

One thing I did notice, is that the bad captcha would come when I was on the page, but if I submitted the form (incorrectly) it would generate and display a proper captcha. When I revisited the page again from typing in the path into my browser and pressing go, it would not display the captcha. This is happening when I'm an anonymous user. I did not test as logged in as it's on our signup form.

Under performance options in Drupal we do have caching set to "Normal" and minimum lifetime set to "None". I was able to reproduce the issue when this is enabled. I disabled this setting, then I was not able to reproduce the error. I've since re-enabled caching and currently I'm unable to reproduce the error. We are not using anything special besides normal Drupal caching, which I assume mollom should work with.

There are two web mirrors hosting this website and a single database server. Unfortunately I do not know much about how they are provisioning the traffic, but do you think perhaps this could be related to the gremlins eating my captchas?

Personal thoughts
I think it's got something to do with form cache...but I don't know how to resolve.

Also, if mollom is unable to properly get us the captcha, we'd rather have it fail silently allowing spam, rather than not allowing our users to signup. Ideally though, this would just work and not be an issue :D

For the past two weeks of having mollom disabled, we've received practically no spam.

In the past two days since re-enabling mollom it's reporting spam at 93% one day and around 70% the next. I would figure that these are not spam requests, but users who are trying to signup, but are unable to because our captcha isn't working properly.

I've disabled caching for now, and I'll see what this does to this ratio of HAM to SPAM.

Sorry, without further information this issue can only be marked as won't fix.

Feel free to re-open this issue if you want to provide further information. Thanks.