Spam trackback attack week 2 statistics

The trackback spam attack is well into its second week now. The people who run blocked all access from the IP address block, which not only blocks trackbacks but also prevents them from reading the content (and therefore prevents them from scraping).

Undaunted, the sites just moved to a new IP address.

Site From To Count Rate (pings/hr) 6/02/2009 07:32 AM 6/02/2009 07:32 AM 1 6/02/2009 07:42 AM 6/02/2009 07:42 AM 1 6/02/2009 10:31 AM 6/02/2009 11:07 AM 18 28 6/02/2009 02:18 PM 6/02/2009 05:50 PM 188 53 6/02/2009 06:46 PM 6/02/2009 06:46 PM 1 6/02/2009 7:28 PM 6/02/2009 7:50 PM 17 44 6/02/2009 9:22 PM 6/02/2009 9:35 PM 10 42 6/02/2009 11:04 PM 6/02/2009 11:19 PM 8 28 6/03/2009 12:58 AM 6/03/2009 01:30 AM 24 43 6/03/2009 02:53 AM 6/03/2009 02:53 AM 1 6/03/2009 03:29 AM 6/03/2009 03:29 AM 1 6/03/2009 03:23 AM 6/03/2009 03:51 AM 24 49 6/03/2009 07:12 AM 6/03/2009 07:12 AM 1 6/03/2009 07:16 AM 6/03/2009 07:16 AM 1 6/03/2009 12:44 PM 6/03/2009 12:45 PM 2 60 6/03/2009 12:47 PM 6/03/2009 12:47 PM 1 6/04/2009 11:35 PM 6/04/2009 11:35 PM 1 6/06/2009 01:21 AM 6/06/2009 01:21 AM 1 6/07/2009 06:15 PM 6/07/2009 06:55 PM 40 59 6/07/2009 06:56 PM 6/07/2009 07:39 PM 125 173 6/07/2009 07:40 PM 6/07/2009 08:30 PM 53 62 [sic] 6/08/2009 11:17 AM 6/08/2009 12:00 PM 41 56 6/08/2009 02:48 PM 6/08/2009 03:51 PM 155 147 6/08/2009 05:00 PM 6/08/2009 05:15 PM 45 176 6/08/2009 07:31 PM 6/08/2009 08:17 PM 118 153 [sic] 6/08/2009 10:44 PM 6/08/2009 11:23 PM 62 94 6/09/2009 01:13 AM 6/09/2009 01:48 AM 59 99 6/09/2009 03:47 AM 6/09/2009 04:43 AM 94 100 6/09/2009 11:15 AM 6/09/2009 12:00 PM 60 79 6/09/2009 12:01 PM 6/09/2009 12:44 PM 135 187 6/09/2009 12:44 PM 6/09/2009 01:05 PM 51 143 [sic] 6/09/2009 01:06 PM 6/09/2009 01:11 PM 7 72 [sic] 6/09/2009 04:48 PM 6/09/2009 05:08 PM 48 141 6/09/2009 05:11 PM 6/09/2009 06:05 PM 167 184 6/09/2009 06:04 PM 6/09/2009 06:18 PM 33 137 6/09/2009 06:18 PM 6/09/2009 06:59 PM 133 193 [sic] 6/09/2009 06:59 PM 6/09/2009 07:36 PM 77 123 6/09/2009 07:37 PM 6/09/2009 08:01 PM 64 158 6/09/2009 08:02 PM 6/09/2009 08:46 PM 133 180
Comments (17)
  1. John says:

    As I said last time, there are really only two options for dealing with spam:

    1. Make it unprofitable
    2. Death sentences

    Unfortunately, option 1 isn’t really viable because the registrars and ad companies also profit from it and they hold all the power.  Option 2 also isn’t that great because people don’t consider spam a big enough deal to actually go after the guy.  On the rare occasion that somebody does go after him, the penalties are minuscule compared to the grief caused.  Even if a guy gets taken down, 10 more pop up to take his place.  Sadly, the only option this leaves us is mob justice.  I am not normally a proponent of it, but if nobody else is going to do anything then what other option is there?

  2. zzz says:

    Why can’t just all web sites use some kind of shared automatic black listing system, so when say the spammer has spammed on 3 sites (threshold 3) then all the other sites participating in the list block automatically.

    MS could build it into the IIS and advertise admins/devs with option to enable it and integrate it into comment facilities.

  3. Mike Dunn says:

    I must admit to getting a chuckle out of and (which, upon first reading, I parsed as "me so the lmao lawyer for you"

  4. John says:

    zzz: There are more domain parkers than there are atoms in the universe.

  5. violet says:

    <blockquote>Why can’t just all web sites use some kind of shared automatic black listing system, so when say the spammer has spammed on 3 sites (threshold 3) then all the other sites participating in the list block automatically.</blockquote>

    You mean like <a href="">Akismet</a&gt;? It’s built into WordPress (but the API is open, so could conceivably use it).

  6. Alexandre Grigoriev says:

    I guess the server needs to do reverse DNS lookup (keeping some cache, of course), and return some meaningless garbage for .info (and domains (NOT just reject connection, because it will be logged). Any postings shall be accepted and dropped. If in doubt, challenge with captcha.

    [How do you do a captcha on a trackback? Trackbacks are programmatically generated. -Raymond]
  7. sic sic sic says:

    Dammit, I wanted that domain!

  8. James Schend says:


    WordPress has one, actually, called "Akismet". Since WordPress blogs number in the hundreds of thousands, it’s pretty effective, too.

    I’m not sure if it would be possible for to make use of Akismet data, it might be WordPress (or open source) only.

  9. Nathaniel says:

    Maybe just disable trackbacks? I can’t think of a time when I thought them all that useful.

    In any case, IP-based blacklisting is pretty much a lost battle already, what with botnets and all. Better to try Akismet or something along those lines. I know it isn’t WordPress only, as Drupal (another CMS) has an Akismet module you can get.

  10. configurator says:

    I have yet to see any trackback on anyway. Do they (the non-spam ones) actually appear anywhere?

    [They’re out there. -Raymond]
  11. configurator says:

    Oh my. It seems I’ve conditioned myself to ignore them so perfectly it took me quite a while to notice them even in your link directly to them.

    That said, why are they enabled? What are they good for, except maybe for the OP to see who talked about him, for which Google Alerts is much better?

    [The original purpose is so that readers will know that there are other blogs discussing/reacting to the entry. And I’ve found that the only articles that Google Alerts sends me are my own! -Raymond]
  12. Cheong says:

    I don’t know, but is there an option to quarantine trackbacks and allow them to display when the blog owner explicitly approve it?

    So you may allow trackback to show it you think it’s interesting, and those spam trackbacks will be deleted when you don’t approve them for a period. Also, those inactive blogs won’t be flooded with trackback spams.

    Afterall, unlike email, trackbacks rarely carry important messages. If you accidentially “not approve” some of them, at worst we may just miss some interesting stories.

    [If only such an option to quarantine trackbacks existed that would solve the problem. -Raymond]
  13. DysgraphicProgrammer says:

    "2. Death sentences"

    IMAO, spam is the one justification for torture. A spammer should die slowly, painfully, and ironically.

  14. Alexandre Grigoriev says:

    [How do you do a captcha on a trackback? Trackbacks are programmatically generated. -Raymond]

    Why do you care? The attempt to insert a trackback will then fail, because it could not do captcha. That’s the point. Want a trackback – do it with your fat fingers.

    And the blog scrapers will only retrieve a BS page.

    [What’s the fat-fingered interface for creating a trackback? -Raymond]
  15. Brian says:

    “[What’s the fat-fingered interface for creating a trackback? -Raymond]”

    Going to the blog you’re linking to, scrolling down to the “Leave a Comment” section, and typing “Ping back from <my blog>” in this same box that I’m typing in now.

    [That’s not a trackback; that’s a comment masquerading as a trackback. Maybe you’re arguing that that’s good enough. -Raymond]
  16. Brian says:

    "Maybe you’re arguing that that’s good enough. -Raymond"

    Yes, that’s exactly what I’m arguing.  I honestly don’t see how the small time savings from not having to manually enter the "trackback" makes up for the spam problems they cause.

    Additionally I find manually entered links to be higher quality than automatic ones because people tend to include little summaries along with the link.

  17. Mesothelioma News - W. R. Grace Trial Delayed says:

    PingBack from

Comments are closed.