A new kind of pingback spam

Today I received the first of what I think might be a new kind of pingback spam. One which passes all the usual checks – i.e. the source site contains a link back to the post pingbacked (or at least does at the time the pingback occurs) and supports the pingback specification.

Basically what the spammers appear to be doing is creating the spammy article and then designating a paragraph at the end of the message to temporarily contain an outgoing link. They then automate the manipulation of this paragraph and the sending of pingbacks so as to get linkbacks to there article from multiple remote sites. This means that for approximately a five minute period around the time at which you receive the pingback your site is linked. Then they move onto another target and you are no longer linked but they hope are still linking back to them.

What can we do to fight against this type of pingback spam? I think a new spam rule for validating pingbacks is to ensure that the extracted pingback content contains more that just a link to your post and actually includes some texts as well. For example the following, as extracted pingback content, would be treated as possible spam:

[…] http://example.com/my-post […]

To conteract this new kind of pingback spam I’ve hacked together a simple Spam Karma 2 plugin which gives a -5 karma hit to pingbacks containing one link as there whole content to force them into moderation (by default pingbacks get a +4 bonus as they are harder to spoof than trackbacks).

You can download the Spam Karma 2 plugin here: sk2_pjw_pingback_plugin.0.01.zip

Installing is as easy as:

  1. Install Spam Karma 2
  2. Activate Spam Karma 2
  3. Unzip the plugin into the sk2_plugins directory within the SK2 directory in your plugins folder. (e.g. wp-content/plugins/SK2/sk2_plugins/)

SK2 – Simple Digest plugin – Version 1.20 Released

I am pleased to announce another important update to my Spam Karma 2 Simple Digest plugin – the latest version has some great new features developed on the back of the recent heavy spam runs that I am sure many of you have been suffering.

The major updates in this release are as follows:

  1. Ability to order the digest email by karma rather than date and time – this is to help make the possible ham comments that slip into the spam easier to spot as they would now be near the top of the email rather than interspersed (When you start getting 100K+ digests this really helps!)
  2. The last digest timestamp is now updated earlier to help ensure that those of you hit hard by concurrent spam runs don’t get multiple digest emails.
  3. The email now contains some special header information which makes it really simple to filter into a special folder in your INBOX if you want.

Read the rest of this entry »

Tags: ,

SK2 – Simple Digest plugin – Version 1.0 Released

I am pleased to announce an important update to my Spam Karma 2 Simple Digest plugin – the functional changes are small but its worth upgrading to the latest version as some of them may prove quite useful to you if you suffer from high spam levels.

The plugin now boasts a karma threshold setting. Any comment which has a karma below this threshold will not make it into your digest emails which should help sort the wheat from the chaff. The plugin is also ready for translation which I’ve heard may make it into the next SK2 release as well. Both of these changes are courtesy of the zedrdave himself. I have also updated the format of the digest report to make it a bit more readable.

So what are you waiting for? Head off over here to the plugins main page and download the latest version!

Tags: ,


d
go to dashboard
l
go to login
h
show/hide help
e
edit post/page
r
comment on post/page
m
go to moderate comments
esc
cancel