Antispam Bee Not Marking Obvious Spam Trackbacks as Spam
-
Hi. I have Antispam Bee version 2.11.2 on a WordPress site using WP version 5.9. The plugin is doing a great job of filtering out spam, except for trackbacks. Every day, multiple trackbacks that are clearly spam fail to get marked as spam. I get notified of them to get my approval. I have to keep going in and manually marking them as spam.
I’m not sure why these many trackback comments aren’t getting marked as spam. I believe I have the plugin settings set up in a way that should catch them. I have “Do not check trackbacks/pingbacks” unchecked. I have “Check complete site markup for comment forms” checked. These trackbacks are very obvious spam based on their contents.
Any idea how I can get Antispam Bee to start marking these trackback spam comments as spam? Thank you.
-
Hi @systemi
I experienced the same (not that many, but not typical for ASB to not catch them).
Can you share more details via our form with us?
https://goo.gl/forms/ITzVHXkLVLThis would be great! I will check with the team what is happening here and how to (hopefully) fix it.
Thanks for reporting!
All the best,
TorstenTorsten,
Thank you for the reply. On the Google form you are wanting me to put in the details of one of the trackback comments that failed to get marked by spam? Is that right? There are sometimes many in one day. So do you want me to just choose any one of them and input the details on the form? Or do you want me to fill out the whole form multiple times for multiple different trackback comments that failed to get marked spam?
Or do you want me to fill out the whole form multiple times for multiple different trackback comments that failed to get marked spam?
That would be best, because we try to find the common pattern we could use to detect the spam. If every data point is changed for every new trackback it is not easy to detect.
I’ve opened a new issue on GitHub for this (with the two spam trackbacks I got):
https://github.com/pluginkollektiv/antispam-bee/issues/489Maybe we can find a common pattern …
Torsten,
OK I submitted a handful of the comments that are obvious spam but did not get marked as spam just in the last couple days. I get several a day so I could submit plenty more. If you want me to submit more, let me know how many is enough. Otherwise, perhaps you can look at the ones submitted so far and see what you can make of it. If you need more information or want to update me on the case, just post in this thread. Thank you.
Thank you very much. This is fine for the moment. We will have a look!
If you need a fast solution, you can try to build a custom pattern yourself.
Here you can see how to do that:
https://github.com/Zodiac1978/custom-patterns-asbHi @systemi
looking at the definition from IndieWeb.org: https://indieweb.org/Trackback#Lack_of_link_verification I would say, that Trackback is dead and can be ignored completely. There are no real trackbacks send for over a decade now (in the team members blogs).
We are refactoring ASB at the moment and the upcoming v3 will have an option to disable trackbacks completely.
For solving your actual problem, you can install this plugin to disable trackbacks completely:
https://github.com/dshanske/stop-trackbacksHope this helps!
All the best
TorstenJust to give you an idea of the scope of the problem, I have 27 of these trackback comments, all very obvious spam, not detected by Antispam Bee in just the last 5 days.
I’m not sure about that claim that there are no real trackbacks for over a decade. I have a couple real trackbacks to my own site in the last 3 years. Maybe I’m missing some technicality in what you mean by that.
What confuses me is that regardless of the comment being a trackback or not, the content of all of these comments are so incredibly obviously spam that I don’t know how they aren’t being filtered out solely because they happen to be trackbacks. And this is even after I’ve manually marked hundreds of these as Spam myself over time. It isn’t even learning from those either.
I’m torn on whether to just disable trackbacks entirely as the solution to this problem. It probably wouldn’t be an issue as I never got that many real trackbacks anyway. But I don’t agree that there are no real trackbacks for a decade from my own experience if you simply mean a comment that shows a real site with a real link to that post. And while I may just not understand the details of how this works enough, it seems like the comment being a trackback shouldn’t be the focus here. Rather the focus should be on how comments of any kind with these kinds of obvious spam language and websites in their contents are getting through Antispam Bee, especially after so many previous ones being marked manually from which it could learn.
Hi @systemi
all very obvious spam, not detected by Antispam Bee in just the last 5 days
very obvious for a human. But not easy to detect. The trackback provides us only with 4 elements: title, excerpt, url and blogname (additionally IP and host from the submitter).
Title and blogname are changing for each trackback and are not containing the same spam keyword. The excerpt is only containing the word “trackback, the link, and a changing introduction, like (Read more, Find more info, etc.) – all this is not suspicious and not easy to detect, because it comes from different IPs and hosts, and there is no marker which is the same for every trackback.
I have a couple real trackbacks to my own site in the last 3 years.
Maybe you are confusing it with a Pingback?
this is even after I’ve manually marked hundreds of these as Spam myself over time. It isn’t even learning from those either.
This just works if you have enabled the local spam db feature and are not deleting the spam. We do not have a self learning filter. We just compare it with the existing spam from your spam “folder” if this is enabled. This does work for spam coming from the same IP/Host, after the first one is marked as spam. If the IP is changing for every trackback (because the spammer is using a botnet) this does not help.
Rather the focus should be on how comments of any kind with these kinds of obvious spam language and websites in their contents are getting through Antispam Bee, especially after so many previous ones being marked manually from which it could learn.
I tried to explain the difficulties above. If you can think of an easy way to detect all those trackbacks, please try it out yourself: Our custom patterns feature is open to everyone (see: https://github.com/Zodiac1978/custom-patterns-asb for an example). If you have an idea which is not possible to achieve with a custom pattern, please contact us here or on GitHub. I’m happy to try and built it.
There is one more idea (which you can see at the issue linked above) and this would be to verify the link. This is not part of the trackback specification and therefore not part of WordPress, but other CMS do that. ASB could add this verification. At the moment we think trackbacks are not used widely anymore and are not sure if it makes sense to build this, if no non spam trackback is used in the real world. But if more users chime in, that think this is still used, we can build such a link verification. Looking at the examples, the URL is always not reachable or a parked domain and is therefore not containing the link and would have prevented every trackback.
Thank you for the thorough reply.
I probably don’t understand how the filtering works technically. I feel like a lot of the normal spam comments also have tons of different IP’s, hosts, etc. Yet somehow it learns to catch them and almost none of those ever get through. I don’t know why it’s harder to detect the same kind of spam in trackbacks. But I trust you that it is.
As far as the comments that I believed were legitimate trackbacks in the last few years, I looked into it more closely and you’re correct that they aren’t. When I get an email notification from WordPress about a new trackback, the email specifically says I have a new trackback to approve. But for the ones I was referring to, which look similar in that they contain an excerpt of a post on someone else’s blog that links to mine, in those notification emails it just refers to it as a new comment, not a trackback. I’m not sure if they’re pingbacks – perhaps if they were, the notification email would say pingback in it? – or were posted some other way. But they are not trackbacks. So you are probably correct that I do not get any legitimate trackbacks and haven’t for a long time.
So at this point, if you think it’s best to just turn off trackbacks, either within WordPress or with some feature you’d add to Antispam Bee, I could do that. If you want me to let them keep coming in for a while to provide more information to you, I can do that. I am getting about 5 of these spam trackbacks a day. Just tell me what you’d prefer.
It could be a good idea to verify the link in the trackback as a way of weeding these out. Again, probably due to my own ignorance, I’m confused as to why the exact same mechanism couldn’t be used for all comments, trackback or not, to verify the link posted is an actual link. I guess with trackbacks you’re saying there could be an additional step, beyond just verifying the link in the comment is a working link itself, of also checking if the link on our own site is actually on the other site as claimed. But since URLs that are not reachable or on a parked domain can be weeded out, this seems like it could be done regardless of the form of comment and isn’t specific to trackbacks.
Hi @systemi
So at this point, if you think it’s best to just turn off trackbacks, either within WordPress or with some feature you’d add to Antispam Bee, I could do that.
I would recommend to use the plugin I already mentioned:
https://github.com/dshanske/stop-trackbacksIf those are spam trackbacks, they will get blocked then and the problem is solved for the moment.
For ASB there will be more options in the future (for example: send those trackbacks to spam to fill up the local spam database, link verification, etc.), I think. This will be discussed with the team.
I’m confused as to why the exact same mechanism couldn’t be used for all comments, trackback or not, to verify the link posted is an actual link.
Pingbacks and trackbacks are systems to inform a blog about a post linking to your blogpost. Pingback has link verification built-in. Trackback do not have that. A comment does not necessarily have an URL (and those URLs do not have to contain a link to your blogpost). So we could add a link verification for a trackback, because a trackbacks need to have backlink to you.
I guess with trackbacks you’re saying there could be an additional step, beyond just verifying the link in the comment is a working link itself, of also checking if the link on our own site is actually on the other site as claimed.
Exactly. Neither is done for the URL of a comment or a trackback at the moment. And the latter makes only sense for trackbacks.
But since URLs that are not reachable or on a parked domain can be weeded out, this seems like it could be done regardless of the form of comment and isn’t specific to trackbacks.
No, the URL is optional and sometimes people type something crazy in it like “no website”, or they make a typo, which would bring this to the spam folder. Nothing we would do because of the possible false positives. For trackbacks this would work, because this only happens automatically and only if the website is live and reachable and contains the link. So verification should be working.
Hope this helps!
All the best,
Torsten
- The topic ‘Antispam Bee Not Marking Obvious Spam Trackbacks as Spam’ is closed to new replies.