I was just sitting here and doing some thinking. Right now I have a renamed HTSRV directory which has practically eliminated trackback spam. Sooner or later the trackback spammers are going to get as smart and annoying as the comment spammers (especially as comment spamming becomes more difficult). My suggestion is to entirely rethink how trackbacks work. This is something that b2evolution could take the lead on as I don’t think anyone else has done this yet.
I’ve been thinking about how we could use captchas or other antispam techniques on trackbacks. Instead of having one trackback url for each post that’s listed on the site how about dynamically generating trackback urls as requested by users. Don’t list the trackback url on the post page, instead give a form for requesting a private trackback url. This would give us a place to use a captcha to verify a real user. Each user would get a unique and randomized trackback URL that would be valid for only one trackback. The temporary URLs and which article they are associated with could be stored in a new database table and a function could snag incoming trackbacks and post them to the appropriate article.
This would have to be a core feature change because it means multiple trackbacks per article and a database schema change. I know that a lot of people think the blacklist is the end-all be-all solution to spam and it helps a lot but it can’t solve everything. The HTSRV rename solution is temporary at best and this plan allows for a lot of future flexibility including the possible future ability of tracking how many trackback urls are request by a given IP in a given amount of time and rate limiting that. The idea of having temporary, user specific trackback URLs is a much more permanent solution to the trackback spam problem than what I have seen in the past. The current focus on reducing comment spam will certainly have the long term effect of pushing more spammers to trackback spamming and if b2evolution has a flexible framework in place for dealing with that threat we’ll be much better position to meet the challenge.
Comments are closed.