Tags: | Categories: Blog Posted by admin on 3/9/2009 5:56 PM | Comments (2)

Lately I have been receiving many spam trackbacks and comments, which my blog handles pretty well because I moderate all comments from non-registered users. However, there is a big hole in trackbacks that allows anybody to leave spam on my blog without my knowledge. I cannot believe that nobody has tried it already.

There are many websites that explain really well what a trackback is and how it works, but from a 10,000-foot view: a post can send a trackback to a link referred to in the post and leave a message as a blog comment. The only check done is whether there is a link from the referred post. Do you see the hole yet?

I'm sure that many blogs do check for spam in trackbacks in different ways; however, I created a little program, using some code from the open source DotNetKicks, that will leave a message on any post by setting the referred as its own.


Note that the program does not spider different posts and websites; I did not want to create a spam program, just to prove the concept.

As you know, the problem with trackback spam is that many blogs never moderate or check their trackbacks, so you end up with hundreds of trackbacks linking to websites you would not want to visit. The worst part is that your blog will also be marked as a spammer website if many of those links are on your posts. The best thing to do, and I have seen many bloggers do it, is to not display trackbacks or, better yet, to disable trackbacks altogether. Also find the IP address of the spammer and add it to your IP blacklist.
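For blogs that keep trackbacks enabled, here is a receiving-side check, added as an example and not taken from the downloadable code or from DotNetKicks. It reads the hole as a ping that names the blog's own page as the source, so it rejects same-host sources before doing the link check; the function names, the same-host policy and the example.* URLs are assumptions, and the source page's HTML is passed in so the check runs offline.

```python
from html.parser import HTMLParser
from urllib.parse import urlsplit


class LinkCollector(HTMLParser):
    """Collects the href of every <a> tag in the fetched source page."""

    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self.hrefs += [v for k, v in attrs if k == "href" and v]


def norm(url):
    """Comparable form: lower-cased host without 'www.', path without trailing '/'."""
    parts = urlsplit(url.strip())
    host = (parts.hostname or "").lower()
    if host.startswith("www."):
        host = host[4:]
    return host, parts.path.rstrip("/") or "/"


def check_trackback(source_url, target_url, source_html):
    """Return (accepted, reason) for a ping claiming source_url links to target_url."""
    try:
        if urlsplit(source_url).scheme not in ("http", "https"):
            return False, "source is not an http(s) URL"
        src, tgt = norm(source_url), norm(target_url)
        # Self-referencing ping: the blog's own page always "links back" to the blog,
        # so the link check alone would pass. Reject before looking at the HTML.
        if src[0] == tgt[0]:
            return False, "source is on the target's own host"
        collector = LinkCollector()
        collector.feed(source_html)
        if not any(norm(h) == tgt for h in collector.hrefs):
            return False, "source page has no link to the target post"
    except ValueError:  # urlsplit rejects malformed URLs such as "http://[bad"
        return False, "malformed URL"
    return True, "link verified, hold for moderation"


if __name__ == "__main__":
    # Constructed sample data; blog.example and other.example are placeholders.
    target = "https://blog.example/post/trackback-hole"
    own = '<a href="%s">permalink</a>' % target
    print(check_trackback(target, target, own))
    print(check_trackback("https://other.example/reply", target, own))
```

A ping that passes still only proves that a link exists, so it goes to the moderation queue rather than straight onto the post.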

Please leave your comments about trackbacks and how you handle them on your blog. Please do not spam ;-)

Cheers

Al

You can download the code here. Yes for once I attached the code ;-)

Comments

on 9/26/2007 12:52 AM

Hey Albert!


Couldn't track the email addy from your website so I am leaving a comment. Was going through some old photos (still unpacking boxes two years later in Seattle) and saw a couple of you at camp. Shoot me an email (on the website). ttl


Brian


on 9/26/2007 7:58 PM

Hey Brian, my email address is alpascual at gmail dot  com

