trackback spam
We (the Bitflux Blog) are currently being hit by trackback spam once again. It's especially hard to take appropriate countermeasures, as the usual antispam techniques (captchas, hidden fields, etc.) don't work here. So here is what we do:
The usual comment modes also apply to trackbacks, meaning that if you turn off comments, trackbacks are no longer accepted either. Also, trackbacks - as with comments - are only allowed for one month by default. You can change that behavior for each post or globally in the settings.
Furthermore, trackbacks are moderated by default. Currently you can't change that; it's hardcoded. But in my experience, it's not worth automatically publishing trackbacks. There are many more spam trackbacks that fall through our spam detection than legitimate ones. It may be irritating to legitimate trackbackers that their trackback doesn't show up immediately, so I have now added a short note about that to the default templates.
We also check the sender's IP against xbl.spamhaus.org (catches about 50% of spam trackbacks) and against surbl.org (less than 50%). We also have our own blacklist, where we add spam URLs as soon as they hit us (and we find the time and internet connection to add them :) ). For this reason, I always allow comments on Bitflux Blog, so that we get as many spam URLs as possible.
By the way, you won't get email notifications for rejected comments/trackbacks by default, so you may sometimes not know how much spam you get :) You can change that in the settings, too. But we have never had false positives, and you can also check the rejected comments/trackbacks in the webadmin (they are deleted automatically after 3 days).
If anyone has an idea how we can further improve trackback spam detection, let us know.
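The three checks described above can be sketched as follows. This is an added example, not the blog software's own code: the `multi.surbl.org` zone, the function names and the injectable `resolve` parameter are assumptions, and the "last two and last three labels" rule stands in for a proper public-suffix lookup.

```python
import ipaddress
import re
import socket
from urllib.parse import urlsplit

XBL_ZONE = "xbl.spamhaus.org"
SURBL_ZONE = "multi.surbl.org"  # assumption: the page only names surbl.org

def dns_a(name):
    """Return an A record for name, or None when it does not resolve (not listed)."""
    try:
        return socket.gethostbyname(name)
    except OSError:
        return None

def xbl_query(ip):
    """Build the DNSBL name for a sender: 192.0.2.7 -> 7.2.0.192.<zone>."""
    addr = ipaddress.ip_address(ip)
    if addr.version != 4:
        return None  # this sketch only checks IPv4 senders
    return ".".join(reversed(str(addr).split("."))) + "." + XBL_ZONE

def surbl_queries(text):
    """Build URI-blocklist names for every URL found in the trackback text."""
    names = set()
    for url in re.findall(r"https?://[^\s\"'<>]+", text):
        labels = (urlsplit(url).hostname or "").lower().rstrip(".").split(".")
        for n in (2, 3):  # no public-suffix list here, so try both depths
            if len(labels) >= n:
                names.add(".".join(labels[-n:]) + "." + SURBL_ZONE)
    return sorted(names)

def is_listed(answer):
    """Count only 127.0.0.x as a listing. 127.0.0.1 and 127.255.255.x are used
    by the list operators to signal refused queries, not listed entries."""
    if answer is None:
        return False
    return answer.startswith("127.0.0.") and answer != "127.0.0.1"

def check_trackback(sender_ip, text, local_blocklist=(), resolve=dns_a):
    """Return reasons to reject; an empty list means 'hold for moderation'."""
    reasons = []
    query = xbl_query(sender_ip)
    if query and is_listed(resolve(query)):
        reasons.append("sender IP listed in " + XBL_ZONE)
    for name in surbl_queries(text):
        if is_listed(resolve(name)):
            reasons.append("URL domain listed: " + name)
    lowered = text.lower()
    reasons += ["local blocklist: " + s for s in local_blocklist if s.lower() in lowered]
    return reasons
```

Treating the refusal codes as "not listed" matters when queries go through a shared public resolver: the lists may answer every lookup with such a code, and counting it as a hit would reject every trackback.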
Comments
I wrote a script which tracks the log entries of mod_security and blocks hosts which try over and over again. To get the spammers I get the mod_security rules from here.
Thanks for the hint, but the problem with that particular trackback bot is that it comes from different IP addresses. Looks like a bot-net :) I have it under control, but it's nevertheless annoying...
Yes, the botnets. But with about 2000 hosts blocked I am down to about one spam-request/hour...
Many people still rise up against what they call a kind of ‘Trackback Spamming’. Say for example (A) has published a post that supports Trackbacks by way of comment. Any time later, a blogger (B) might write a related post,
