Blasted by trackback spam
BatesLine was hit with 50 trackback pings in the last 10 hours, and not a single one was legitimate.
Trackback is a very useful mechanism that helps tie the blogosphere together. If another blogger comments on one of my entries, the other blogger's blog software will send an automated message (a "ping") to BatesLine notifying me of the link. This then shows up as a "trackback" on the individual entry pages, and it lets you see what's being said about what I'm writing. If the trackback is legitimate, it will link to an entry on another blog that links back to my entry.
At some point, the spammers figured out how to exploit this to peddle their wares on other sites without payment or permission. A trackback spam message puts a link to the spammer's site on one of my entries, but there's no corresponding link back to my site. That's discourteous, but what's worse is that the messages often advertise really horrible stuff.
By simply changing the name of my trackback script, I was able to screen out a lot of the spam, but the spambots have become smarter. Not only did the spambots figure out the changed script name, they sent everyone of those 50 pings from a different IP address. Either they have figured out how to spoof IP addresses, or they have deployed trojan horse programs via e-mail to unsuspecting PC owners, a trick they were already using with spam e-mail.
The balancing act is to foil the spammers without breaking the technology that keeps the blogosphere connected. To make sure I've not broken things too badly, I'd appreciate it if a few bloggers out there who use blog software with trackback auto-discovery (e.g. Movable Type) would post an entry that links to this one, just to see if it still works. (Just like you can't tickle yourself, you can't ping yourself, so I can't test this on my own. And no, this is not just some cheap ploy to boost my inbound link count.)
5 TrackBacks
Listed below are links to blogs that reference this entry: Blasted by trackback spam.
TrackBack URL for this entry: https://www.batesline.com/cgi-bin/mt/mt-tb.cgi/1465
TrackBack spammers: can't live with them, can't have them hunted down and killed. (Yet.) I went through a spate of attacks by these grit-eating, scum-sucking, pencil-neck geeks myself, though I... Read More
Michael over at Batesline.com is getting "wrung out" by trackback spam. This form of spam is a pain in the proverbial butt because bloggers use trackbacks to link blogs together. Earlier this year, I was getting hammered by trackback spam... Read More
Thus far, I've been lucky with MCW in respect that I haven't had one single trackback spam with Wordpress. (Probably because incoming trackbacks aren't working properly... will have to figure that one out...) I have however gotten many comment spams... Read More
This is trackback from HaloScan Read More
Captain's Quarters was hit by TrackBack Spam, as was BatesLine I hope they don't delete TrackBack's because I really like to credit Blogs that I quote. Read More
There are some .htaccess blocks you could use as well. Check this one:
http://spamhuntress.com/2005/04/08/wp-trackback-block/
Closing trackbacks on posts more than a week old has helped me a lot, too.
Michael-
I ran across the same problem a couple of months ago also. I ended up writing a cron to shut down TrackBack any posts two week old, and also using mt-blacklist to protect against any unwelcome visitors. Let me know if you need any help.