Drupal's Trackback_blackhole module: The Final Solution for Trackback Spammers.

Well, it finally happened. I've finally turned off the trackback ability on KnowProSE.com - and it isn't because of the good trackbacks I have gotten in the past, but because of the literally thousands of trackbacks this site has been getting every day.

This probably has to do with the fact that KnowProSE.com has moved from being a relatively small site to being one which is... at the low end of large. The Drupal.org site is multiples larger than KnowProSE.com, LinuxGazette.com is probably going to be surpassed within the next few months (only 700 nodes ahead), and suddenly the realization hits. Larger site, different rules.

For those of you using Drupal, and have the trackback module - it's a great module, but will require the Spam module 2.0 (Not on the Drupal site because of a variance in licensing) and some tweaking to get things working right. Still, if you're getting a LOT of trackback spam (as this site was), nobody thought of adding a 'check all' in the approvale queue, so you may have a lot of clicking to do. Smile. Or hack a 'check all' into the Spam module.

The other problem with the trackback module is that, if you get a lot of trackbacks (spam or otherwise), your bandwidth spikes - and the more stuff you have on a site, the more likely your bandwidth will spike because of trackback spammers. The Spam module 2.0 has a module hidden within it which is especially worthwhile, called the trackback_blackhole, which is the ultimate in 'turning the other cheek' - from the ReadMe file of the module:

...The trackback_blackhole module should only be enabled on Drupal sites that do not use the trackback module. It is intended to minimize the impact on resources of a trackback spammer attempting to leave trackback spam on your website.

With the trackback_blackhole module enabled, any attempts to post or view trackbacks on your site will simply be greeted by a blank page. This essentially short circuits the normal Drupal path, which would instead generate a 404 error. The problem that this module attempts to solve is that trackback spammers tend to post phenomenal amounts of trackback spam, and generating a 404 error for each attempt is a waste of resources that can ultimately lead to a Denial of Service. Additionally, this prevents the trackback attacks from filling your watchdog logs with repeated 404 errors...

It's really quite a sad thing to do, but - the same groups who say that they are powerless to stop Spam on the internet are the same groups who exercise the same lack of wanting a solution when it comes to trackback Spam. We all know that they just have to follow the money.

But it's much easier for them to sell you anti-spam software, now isn't it? Internet Governance, coming soon to Comedy Central...