I haven’t been closely following the comment spamming problem, but it looks like it’s hit Trackback now as well. Furthermore, the spammers have discovered flooding and anonymous proxies… It’s become clear to me that these attacks will completely change the nature of the weblog landscape. It was only a matter of time I suppose. Rather than waiting for it to overtake and destroy the medium (a la USENET), it’d probably be good to be proactive.

At this point, it looks like rate-limiting (and auto-blacklisting based on flooding) is currently the most effective stopgap. The addition of easy deletion/banning might be a good idea (marking a comment as spam either from a custom interface or from the page itself will remove the spam, blacklist the URLs pointed to, and blacklist the posting IP). Bayesian-type filtering probably won’t work very well at this point b/c of lack of headers, size of corpus, although a SpamAssassin-like point system might (see also, slashcode noise filters). Using redirects (a la 2.661) may reduce impetus for spamming (although not for those that are just being annoying). White-listing sort of defeats the purpose, although I could see this whole thing being a good push for a Digital ID system (whether actual DigID or ad hoc via PGP/GPG signatures). This could work in conjunction w/ a white-list/black-list system.
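The rate-limiting, flood auto-blacklisting and mark-as-spam ideas above, as an added Python example that is not part of the original post; the class name `CommentGate`, its thresholds and the sample addresses are assumptions made up for illustration.

```python
import re
import time
from collections import defaultdict, deque

# Captures the host part of each http(s) link in a comment body.
URL_RE = re.compile(r"https?://([^/\s\"'<>]+)", re.I)

class CommentGate:
    """Per-IP sliding-window rate limit with auto-blacklisting of flooders."""

    def __init__(self, max_posts=3, window=60.0, flood_posts=10):
        self.max_posts = max_posts          # posts accepted per window per IP
        self.window = window                # window length in seconds
        self.flood_posts = flood_posts      # attempts per window that trigger a ban
        self.attempts = defaultdict(deque)  # ip -> timestamps of recent attempts
        self.banned_ips = set()
        self.banned_hosts = set()

    def check(self, ip, body, now=None):
        """Return 'accept', 'throttle' or 'reject' for one submission."""
        now = time.time() if now is None else now
        if ip in self.banned_ips:
            return "reject"
        if {h.lower() for h in URL_RE.findall(body)} & self.banned_hosts:
            return "reject"
        q = self.attempts[ip]
        while q and now - q[0] >= self.window:  # drop attempts outside the window
            q.popleft()
        q.append(now)                           # throttled attempts count too
        if len(q) >= self.flood_posts:          # flooding: blacklist automatically
            self.banned_ips.add(ip)
            return "reject"
        return "accept" if len(q) <= self.max_posts else "throttle"

    def mark_spam(self, ip, body):
        """One-click moderation: ban the poster and every host the comment links to."""
        self.banned_ips.add(ip)
        self.banned_hosts.update(h.lower() for h in URL_RE.findall(body))

if __name__ == "__main__":
    gate = CommentGate(max_posts=3, window=60, flood_posts=6)
    # Constructed sample: one client posting once per second (documentation IP range).
    for t in range(7):
        print(t, gate.check("203.0.113.5", "nice post", now=t))
```

Because linked hosts are blacklisted separately from IPs, a comment pushing an already-flagged URL is still rejected when it arrives from a fresh address such as an anonymous proxy.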

For the current flooding, which only serves as an attack tool, it may be a matter of coming up with a number of challenges (two checkbox questions, one will ban you, form field and questions randomly custom generated) that can’t be automated, or assigning session ids to track a client regardless of IP. Of course, trackback would be more difficult. For trackbacks, one could run a mathematical filter on the trackback url before (and periodically after) putting it up… That’d have the bonus of checking for linkrot as well. (see also pingback as alternative)

Other people have been putting way more brainpower into this than I; this is just me blabbing off the top of my head.

(I don’t think I have to worry too much about comment or trackback spam right now; the flooders seem to try to attack anyone who writes about them.)