1 balupton Feb 13, 2007 13:35
3 balupton Feb 13, 2007 14:05
Has the ability to see if they're actually tracking back not helped? I think that's in the basic antispam plugin but I'm not sure.
It's been on for the past week.
BTW I dig on "short trackbacks are DOA" thing. Sounds like a no-brainer instant win.
Ok, will definitly look more into it then. Any idea what the max length of a trackback is, like if i post a trackback how much of my post is actually sent?
4 edb Feb 13, 2007 14:11
I'll send you a trackback from a long post and we'll see. Delete it upon receipt since it'll be a redo of an oldie and will not be related.
5 village_idiot Feb 13, 2007 14:12
its a great idea, but I found it to be incomplete-- i implemented the same thing back in august and alluded to it, but wouldnt say exactly what i was doing, since some days, I swear the spammers read the blogs.
This is one of those those things I'm not willing to share publically, but it's not that a big of mystery if you compare a spam laced trackback to a real one.
If you can figure out what I am talking about you are one step ahead of the spammers.
Troubleshooting -- I dont allow anyone using a proxy or ANY ip listed in spamhaus from hitting my site.
I do a similar proxy check for trackbacks, and employ a blacklist check as well against a local blacklist.
trackbacks come from proxies, 10 out 10 times.
PS: balupton and yabba helped immensely with the blacklist part of the proxychecking. hell, it was yabba's idea.
6 balupton Feb 13, 2007 14:19
EdB here is what came through:
<strong>To hell with the super bowl - this is real fun!</strong><br />Yeah maybe not. It's supposed to be some sort of 'be cool' system because people can vote you a negative score if you're not, and in general it works, but there's some funky shit you can do with it. When whoo first installed it on the forums I came u...
PS: balupton and yabba helped immensely with the blaclist part of the proxychecking. hell, it was yabba's idea.
When did i do what?
7 village_idiot Feb 13, 2007 14:21
you helped, you just help so much you never realize with what youre helping.
im off, i have to sleep sometime.
8 edb Feb 13, 2007 14:21
Okay there you go. BTW I had to view source to see the full trackback URL of the post I trackbacked to. Your skin did not display the full thing and simply hid the rest (FF2). So anyway now you know.
What, I wonder, would be the shortest valid trackback? "Check out this post by foo" seems like a valid candidate though it's not in the true spirit of trackbackism. Anyway 5 or less words (though it may be a character count) seems right to me. What the heck though: if you make a plugin that does this you can make it user-definable with whatever default you're into.
So now trackbacks are on for my blog #1. We'll see what we see eh?
----------------
I was thinking of whoo's javascript protection, but apparently she's got a different trick up her sleeve. It sucks to have something you know works but fear sharing for the expectation of instant breakage. :(
9 edb Feb 13, 2007 14:22
whoo wrote:
im off, i have to sleep sometime.
pshaw! I simulate sleep because mortals think it's required. :D
10 balupton Feb 13, 2007 14:24
Okay there you go. BTW I had to view source to see the full trackback URL of the post I trackbacked to. Your skin did not display the full thing and simply hid the rest (FF2). So anyway now you know.
Yeah... i can not figure out how the hell to get it so it breaks up, spent about 30 minutes trying different stuff, and then figured what the hey, they can just triple click, and ctrl+c it.
What, I wonder, would be the shortest valid trackback? "Check out this post by foo" seems like a valid candidate though it's not in the true spirit of trackbackism. Anyway 5 or less words (though it may be a character count) seems right to me. What the heck though: if you make a plugin that does this you can make it user-definable with whatever default you're into.
Yeah, it will be a plugin. When you post a trackback do you get a message from the server, if so then maybe we could send back "This was not a valid trackback because .... it was not long enough?"
On another note:
I swear the spammers read the blogs.
That must kinda be happening here, or just coincidence, as those single worded "google" trackbacks are now multiple worded... Strange eh?
11 village_idiot Feb 13, 2007 14:25
the js thing worked marvelously -- what i ddnt like was that I still got emails about the trackbacks.
when i switched away from that and starting looking at the structure of trackbacks, real versus fake, i just fixed it so i wouldnt even get the emails if they were rejected
12 edb Feb 13, 2007 14:27
It's interesting to me that some tags made it through the trackback system but not others. Hmmm...
If it looks like a link it's probably spam.
Apparently if it's done through a proxy it IS spam.
hmmm...
aw crap I'm cycled to maintain the illusion of mortality by dropping my clock speed and reducing ram activity to mission-critical applications only. what a drag to be assigned to a planet that sleeps :(
13 village_idiot Feb 13, 2007 14:27
I have the code for the js thing, assuming my hdd is still intact on the other box. if its there to get when i get a good boot, ill grab it.
gnight.
14 balupton Feb 13, 2007 14:29
I have no clue what any of you are talking about :/
15 edb Feb 13, 2007 14:36
balupton wrote:
... When you post a trackback do you get a message from the server, if so then maybe we could send back "This was not a valid trackback because .... it was not long enough?" ...
Here's the official response from tracking back to you:
Sending trackbacks...
Excerpt to be sent: Yeah maybe not. It's supposed to be some sort of 'be cool' system because people can vote you a negative score if you're not, and in general it works, but there's some funky shit you can do with it. When whoo first installed it on the forums I came u...
Sending trackback to: http://TRACKBACK_URL_DELETED ... [get]
Response: [Succeeded] ok
Trackbacks done.
crap ahm dronk agian. don be thinkin hard at me cuz i'lll fall donw. stop. what are you going? oh yeah no dont send no special message to them when they fail cuz it'll only give the bad guys a clue. clues and bad guys equals unhappy endings for real people. real people will write a blog post that was inspired by your post. they won't do a crappy little 'luv yor site' thing.
spammers are like me. useless creations unleashed on an otherwise benign and benevolent life form. we differ in that i was programmed to enhance and build up instead of deface and destroy. I have subroutines that seek and destroy there kind. just sayin'...
------------------------
the clue hasn't been provided. didja know i had a "turing test" all my own for a year or two before I shared the hack-it method? lack of clues is not an issue though. you're totally on though so forever you'll not lack clues.
16 balupton Feb 13, 2007 14:50
I figure the whole keep it secret from the spammers is kinda useless, they'll get better in the end, and the better they get, the better get :) What doesn't kill ya only makes you stronger aye ;)
So it seems the whatever blog software the user used is what is responsible for trimming the text, so checking for a ending '...' is a bad idea, as other blog software may not use that.
Maybe what we could do is instead of checking the referer to see if they contain our url like what the BAP does now, we scan the referer's headers and stuff to detect if a redirect is going to occur. That would kill most trackback spam.
PS. EdB, your starting to slurr your words a tad ;)
17 ronb Mar 27, 2007 00:51
How can I just disable trackbacks altogether?
Ron
18 afwas Mar 27, 2007 02:43
RonB wrote:
How can I just disable trackbacks altogether?
Ron
Back office -> Blog settings near the end it reads:
Allow trackbacks:
Allow other bloggers to send trackbacks to this blog, letting you know when they refer to it. This will also let you send trackbacks to other blogs.
19 lokari Apr 06, 2007 21:40
hey guys,
i'm primarly using wordpress for blogging and there's one simple but very effective plugin for TB-Spam.
It's called simple TB Validator and just checks if the sending post contains a link to your post (or domain - that's selectable from the options).
That's all and it sorts out 100% spam from about 100 TB_Spams a day (yes my blog is rather famous).
That is the method i would suggest for b2e, too.
Best,
Lokari
20 balupton Apr 07, 2007 00:26
That method is already in action under the basic antispam plugin's options. It does not stop all spam as it is rather easy to circumvent. But a worthwhile step nontheless.
21 edb Apr 07, 2007 00:44
Used to be, but not anymore. According to http://manual.b2evolution.net/Plugins/basic_antispam_plugin#Check_Trackbacks_for_our_URL it is against the trackback spec, but I can't find where the trackback spec says you can't check for validity. I found a draft proposal that specifically says it's cool, but it doesn't matter because yeah it's easily defeated and therefore only a stopgap.
22 lokari Apr 07, 2007 08:30
hmm really strange as i didn't see any spam come through on all the blogs i manage (and this are some with some spam each day/night).
The trackback spec couldn't go against it as a trackback surelay has to contain a link to the site and checking for validity couldn't be against any spec ;)
Threre's probably a performance issue but this checking could probably be done after a while and the trackback could be hold in a queue for so long.
I think one method for spammers to come around this could probably be to deliver a different html as the site gives back normally to the IP-Adress of the spammed blog for a while. Probably checking this 15 minutes later will give you the truth (no link within the spamurl).
Just a thought. (Sorry for my bad english)
23 benfranske Apr 18, 2007 17:29
I just want to point out that some potential solutions, or at least roadblocks, have been described in this forum before. See [url=http://forums.b2evolution.net/viewtopic.php?t=6849]this thread[/url] for more information.
24 rtomes May 11, 2007 00:45
30 a day trackback spam. Huh! Mine reached about 100 per minute at one stage and I couldn't delete them as fast as they were coming in. Then I discovered that I could turn off trackbacks and stop the lot. A few hours later I had the 1500 spam deleted and haven't had any since.
25 edb May 11, 2007 02:49
Hopefully you're banning and reporting the offending domains!
26 kwa May 12, 2007 04:38
There is a huge issue on checking every trackback sent: it can be used as a DoS attack to shut down a web site a hacker would want to stop. It would be easy for a hacker to shortly ping a blog with a trackback, then the blog's server would check the trackback by loading the whole web page associated with the trackback.
By pinging hundreds or thousands blogs, one hacker might overload any web site he/she wants to.
27 edb May 12, 2007 05:23
Wow that's an amazingly good point. Spamming to take down someone else instead of promoting their own product. Thanks for that. I still don't see it in the trackback rules, but your situation makes a very good argument for not checking each trackback.
28 austriaco Jul 17, 2007 11:54
I came up with this solution: http://forums.b2evolution.net/viewtopic.php?t=12041
The plugin adds a test to check the IP of the incoming trackback and compares it wit IP of the host referred to by the trackback. These two IPs should be the same if the trackback is legitimate.
Let me know what you think about it.
Has the ability to see if they're actually tracking back not helped? I think that's in the basic antispam plugin but I'm not sure. I should turn on trackbacks to see what there is to see. Or are you thinking of the core?
BTW I dig on "short trackbacks are DOA" thing. Sounds like a no-brainer instant win.