Trackback Spam Resources

From earlier this year, an interview with a link spammer in The Register. (TB is mentioned as a fallback for when comment-based link spamming becomes too difficult.)

Judging by some of the recent articles on SpamHuntress (another site dedicated to analysis and eradication of spam, including trackback spam), there are indeed lists of vulnerable weblogs floating around the Internet—just like the lists of live addresses that email spammers buy and sell. Update: More SpamHuntress links, including her catalog of TB spam solutions and the new Spamhuntress Wiki, which includes some very interesting spammer profiles.

Found elsewhere: Analysis of one particular attack on WordPress blogs.

Read the rest of this entry »

No contemporary discussion of the viability of Trackback would be complete without a reference to Tom Coates’ fatalistic article last month: Trackback is dead. Are Comments dead too?

Rounding up some reasonably authoritative links on current best practices in Trackback spam prevention:

• Learning Movable Type: Trackback spam (Feb. 2, 2005). Techniques mentioned:

  • content-based filtering (the obvious approach, inspired by email anti-spam techniques)
  • obfuscation (juggling the the TB URL as well as nearby text; more examples here)
  • blacklisting (ignoring known spam IPs)
  • expiration (turning off TBs for old posts)

  Plenty of additional links at the end of the article.

• Matt Mullenweg: Trackback spam (Jan. 5, 2005). The original post isn’t much, but the discussion (in the form of comments, and, yes, trackbacks) offers a pretty good look at current best practices (geared toward WordPress users). Add to the above list of techniques:

  • moderation (simply involve a human for every comment or TB received)
  • whitelisting (remembering “known good” URLs, as pointed out by Matt in the comments; see the 1.5 announcement for more info)

• WordPress wiki: Trackback Spam Tools/Plugins.