2 balupton Jul 17, 2007 19:14

Great!
I have 10 days now without receiving any trackback spam (until the spammers [hopefully not] read this thread and figure out a way around)
But are you sure that all legitimate ones are getting through? Like I'm trying to think of a scenario that would break it, but I can't think of any! Probably only if the trackbacker is playing silly buggers, in which case doesn't really matter. Oh what about if say blogger.com does it, as they have hosts all over the world (I'm guessing), maybe the IP addresses would be different? But if you check the IPs of the domains the same way (by doing a request), instead of just $_SERVER['whatever it was'] then it should be fine. :) Good work.
Or maybe say for live spaces, they might host the blog on whatever server the user's country is. And maybe the site that posts it is different?
When I get my blog up, I'll go test all these theories.
Haloscan is the only scenario I had thought but I never receive anything from that service.
At least my own trackbacks go through! :-) Since I'm not the most popular blogger on earth, I don't receive many legitimate trackbacks (almost none, in fact) and I don't have a way to test this. Maybe somebody here can send a couple of trackbacks to see how things work.
Hi I'm going to try it on my blog now, I get a lot of traffic, so it will be interesting to see :) Will let you know how it goes :)
- If you want to test it out on mine and your blog, I'm up for firing off test trackbacks / receiving them.
Edit: I've made a few changes to the plugin, cleaned things up. Was there a reason with it being opt-in rendering though?
Anyway you can get my changed one here http://www.balupton.com/blogs/plugins/download/dns_antispam_trackback_plugin.zip
Hope you don't mind, and hope it helps :)
I've just installed it to a blog of mine that gets a small amount of traffic each day. The trackback spam only started when I upgraded to 1.10.
Balupton, does your change mean I don't have to do anything but install the plugin? Will it work for existing messages, or only for new ones?
For new ones. It will try to block new trackbacks coming from hosts different than the referred host. As far as I can see, you can just upload the update provided by balupton and things should keep working without any intervention on your part, but I haven't done it yet. YMMV.
Yeah my change only cleans up the code (if that), no feature changes or anything. Austriaco is the mastermind :)
Austriaco, for the problems where it is a legit blog but using a different domain, maybe it could check the hostname against a known good hostname, so make a white list?
Oh btw, so far so good on my blog, not sure if any legit trackbacks have got through though... Mind throwing one at me sometime? http://www.balupton.com/blogs/b2evo?title=dns_trackback_plugin_the_proper_solution&more=1&c=1&tb=1&pb=1 (hope you like my little shoutout to your plugin, and should drive some traffic to it)
One of the earlier posts states this will work for new posts but not for existing posts... Is it possible to go back and re-save existing posts once this plugin has been installed?
jj.
The bit you read meant, "it'll work for any trackbacks that occur after the plugin is installed" even if they're on an old post ;)
¥
Ah, ok.... I really need to start getting more sleep. :)
jj.
Me too ;)
¥
Ok... if I understood the description of this plugin correctly it's not the same what I've seen yesterday by sending a trackback to a site without having the exact same URL linked in my post. My trackback was denied but after I saw my error, I added the source URL directly in my post and sent the trackback again, and this time it works... Is the DNS plugin the same or is that what I wrote another possibility to increase spam trackbacks... Is there a b2evo plugin available what does what I have described?
No, Daniel, it's not the same. This plugin will check that the IP addresses of the trackback sender and the trackback "referee" are the same. Let's say you receive a trackback pointing to www.domain.com and www.domain.com has IP address "X", but the trackback was sent from another machine, which has IP address "Y". If "X" != "Y" then the trackback will be rejected. (read the "rationale" for the plugin: http://forums.b2evolution.net/viewtopic.php?t=10584 maybe it will help to clarify the concept)
Hey Austriaco, probably a good idea to submit it to http://plugins.b2evolution.net/ and get it mainstream, so far working perfectly for my blog, wordpress.com trackbacks someone said don't go through, but oh well.
I have created a new version of this plugin, which I believe can handle the wordpress.com trackback cases (Further testing needed!) and also I submitted it today to plugins.b2evolution.net. I thought, well, with more than a month deployed it was about time. Official Web page of the plugin: http://sw.liberal-venezolano.net/sw.php/2007/08/22/dns_trackback_anti_spam_plugin
Have fun.
Cool, I've updated as well. What is the opt-in rendering for though, I still don't know why it's there?
I'm sorry. I'm so sloppy! The renderer stuff is there because it was in the plugin skeleton that's provided as sample. Remember, this was my first plugin, so I didn't know exactly what should be in and what out, so I left everything in! I will update, when I have some more time. Thanks Balupton.
Hi Austriaco.
I've tried to post this as comment on your blog, but there's something strange there :D
The comment:
I think that still doesn't work with wordpress.com trackbacks!
I have installed the prior version, and can't receive the wordpress trackbacks. I have read the code and done a little test, and still doesn't work. I can send you the trackback that I send to myself to you!
The comment has come from 72.232.131.30 but the IP of the wordpress blog is 72.247.132.199
[]'s
- Walter
Thanks Walter, I solved the problem with comments on my blog.
I sent a trackback from a wordpress.com blog I created specifically to test. I should have done this before. The request came from IP 72.232.131.30 even though the blog address corresponds to IP 88.221.120.199.
So, it seems to me Wordpress.com is sending trackbacks from a centralized server, different from the ones which serve the blogs. This would make sense, since they collect all trackback requests from every *.wordpress.com blog and then send them in batches or something like that.
Now, assuming the above is correct, the question is whether they use only one server for sending trackbacks or several of them and we were just lucky to have sent trackbacks from the same trackback server.
Moreover, they can change this central trackback server at their discretion at any time, which would require a change inside the plugin every time it happens, if it happens.
For the time being, I guess I can hardcode the IP address of the suspected wordpress.com trackback server and see what else comes to mind.
Does this: [url=http://nl3.php.net/gethostbyname]gethostbyname[/url] help?
*edit*
or [url=http://nl3.php.net/manual/en/function.gethostbyaddr.php]gethostbyaddr[/url] together with a [url=http://nl3.php.net/manual/en/function.preg-match.php]preg-match[/url] for 'wordpress'?
Austriaco wrote:
For the time being, I guess I can hardcode the IP address of the suspected wordpress.com trackback server and see what else comes to mind.
Alternatively you could add a textarea setting and have a "whitelist" of IP addresses ( 1 per line ) which would make adding/removing/changing the IPs far easier ;)
¥
I like the idea of a whitelist. Now, that raises one question:
If I want to add settings to the plugin, do I have to deal with DB stuff? The settings would have to be saved somewhere.
You define them in GetDefaultSettings then use $this->Settings->get/set, take a look at the test plugin :)
Alright, I implemented the textarea for a whitelist. One question I have before publishing the new version: How do I initialize a multiline variable inside the plugin. The thing is that I've checked wordpress.com sends trackbacks from at least 6 different hosts:
72.232.131.30
72.232.131.29
72.232.131.31
72.233.2.49
72.233.2.30
66.135.48.143
Plus three more for haloscan.com:
72.9.234.71
72.9.234.77
72.9.234.70
and I think it would be nice to provide at least this set of IP addresses to the user.
What I'm doing now is:
function GetDefaultSettings()
{
    return array(
        'whitelist' => array(
            'type' => 'textarea',
            'label' => $this->T_( 'IP whitelist' ),
            'defaultvalue' => '72.232.131.30',
            'cols' => 15,
            'rows' => 10,
            'note' => $this->T_('Input one IP address you want to exempt per line') )
    );
}
Just use implode and explode with say '|' for the separator, but if you really want multi line then do str_replace("\r", '', $var); and explode/implode("\n", $var); As new lines are either \r\n or \n.
But afwas's suggestion of gethostbyname is a good one as well as say all those ip addresses you just posted might just return the string "haloscan" or whatever making the need for a whitelist unnecessary.
function GetDefaultSettings()
{
    return array(
        'whitelist' => array(
            'type' => 'html_textarea',
            'label' => $this->T_( 'IP whitelist' ),
            'cols' => 15,
            'rows' => 10, /* perhaps a larger number here */
            'note' => sprintf( $this->T_('Input one IP address you want to exempt per line')),
            'defaultvalue' => '
72.232.131.30
72.232.131.29
72.232.131.31
72.233.2.49
72.233.2.30
66.135.48.143
72.9.234.71
72.9.234.77
72.9.234.70',
        ),
    );
}
Hope I didn't make any unintentional typos.
And do check version compatibility. I took the basic code from B2evo 2.0a and didn't check anything.
*edit*
I edited this post, added the last line (important) and disabled smilies.
Thanks balupton,
The thing is, for instance, I sent 6 trackbacks from anarcocapitalista.wordpress.com, which is an alias for e1143.c.akamaiedge.net, which in turn has IP address 88.221.52.199 (This would be the result of gethostbyname("anarcocapitalista.wordpress.com")), but the Trackbacks were sent from different hosts, none of which has any relation to anarcocapitalista.wordpress.com (those are the IPs I mentioned above).
Austriaco wrote:
Thanks balupton,
The thing is, for instance, I sent 6 trackbacks from anarcocapitalista.wordpress.com, which is an alias for e1143.c.akamaiedge.net, which in turn has IP address 88.221.52.199 (This would be the result of gethostbyname("anarcocapitalista.wordpress.com")), but the Trackbacks were sent from different hosts, none of which has any relation to anarcocapitalista.wordpress.com (those are the IPs I mentioned above).
Sometimes you just wish things to work the way you want them to.
I'm afraid the list you provided is only a beginning. They're probably IP ranges, so be prepared to change the code to 72.9.234.xxx etc.
Another potential source is Typepad. Any other service like that which could be source of trouble?
Can you test this version? I mean, you can install it, but can you make a trackback to the blog where the plugin is installed from one of the whitelisted IP's?
At least:
a) the list shows in the backoffice -> App Settings -> Plugins -> DNS Antispam Trackback (Now tested in 1.10)
b) It shows you how to call the settings:
$this->Settings->get( 'whitelist' )
If I did the if and elseif correct, it first checks if the $url_parsed is in the whitelist.
Unfortunately I don't have a 1.10 blog online, so I can't test if it does what was intended.
TODO: write the added IP's to database or file. In this version newly added IP's will disappear if the plugin is uninstalled and probably when the server is reset.
Based on the version by balupton, hoping that is the most recent
*edit
I removed the test version, look for the post by Austriaco for the next development version.
I liked it!
But, the settings of all the plugins disappear when the plugin is uninstalled no?
Walter wrote:
I liked it!
But, the settings of all the plugins disappear when the plugin is uninstalled no?
What do you mean? The settings from the plugin are destroyed when you uninstall the plugin, but that is supposed to be.
The version I posted is for testing purposes. It's Austriacos plugin and only if he decides to publish it's a new version. But, you can test it, that's what a test version is about. Report back a) if spam gets through and b) if no spam gets through, does it make exceptions for the added IP's.
Good luck
Sorry for the ambiguous phrase.
The settings from the plugin are destroyed when you uninstall the plugin, but that is supposed to be.
it's what I meant :D
You can manually add IP's in the back office of the plugin. Whatever you store there is not saved. You can also change the plugin's php file. There IP's are stored and saved if the plugin is newly installed. But this is not the most user friendly way to store settings, so a little work from the developer is required.
It's possible to create tables with the installation of the plugin, but AFAIK, these tables are removed with the uninstall process.
Walter wrote:
It's possible to create tables with the installation of the plugin, but AFAIK, these tables are removed with the uninstall process.
Yes, it is going to be a solution like that. I am curious how many IP's eventually will be eligible for the list. Ranges of IP's or just a dozen or hundreds ...
I have released a new version (0.3) of the DNS Trackback plugin for b2evolution. Announcement and download [url=http://cronicaslinuxeras.com/antispam_plugin_for_b2evolution_version_03]here[/url]. This version implements (I believe) the suggestions made in this thread for a whitelist, editable in the backoffice. So far it is working, but more testing is required to discover new "trackback servers" if you will.
Thanks to all who have commented and helped in testing.
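
The check this thread arrives at, as an added example that is not the plugin's code or anything posted by the participants: a trackback is accepted when the sender's address is in the one-per-line whitelist or is an address the trackback URL's host resolves to. It goes one step beyond the thread by also accepting IPv4 ranges written as a.b.c.d/nn (the thread only raises ranges as a likely need); the function names and the stub resolver are assumptions for illustration.

```php
<?php
// Added example; function names are hypothetical, not b2evolution or plugin API.
// Assumes 64-bit PHP (ip2long() results and the 32-bit mask fit in an int).

// Parse the textarea value: one entry per line, "\r\n" or "\n" line endings.
function parse_whitelist(string $raw): array
{
    $entries = array();
    foreach (explode("\n", str_replace("\r", '', $raw)) as $line) {
        // Accept a single IPv4 address or a range written as a.b.c.d/nn.
        $parts = explode('/', trim($line), 2);
        $bits = $parts[1] ?? '32';
        if (filter_var($parts[0], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4)
            && ctype_digit($bits) && (int) $bits <= 32) {
            $entries[] = array(ip2long($parts[0]), (int) $bits);
        } // blank or malformed lines are skipped, never treated as a match
    }
    return $entries;
}

function ip_whitelisted(string $ip, array $entries): bool
{
    $addr = ip2long($ip);
    foreach ($entries as list($net, $bits)) {
        $mask = (-1 << (32 - $bits)) & 0xFFFFFFFF;
        if ($addr !== false && ($addr & $mask) === ($net & $mask)) {
            return true;
        }
    }
    return false;
}

// Accept if whitelisted, or if the sender is an address the URL's host resolves to.
function trackback_allowed(string $url, string $senderIp, array $entries, ?callable $resolver = null): bool
{
    if (ip_whitelisted($senderIp, $entries)) {
        return true;
    }
    $host = (string) parse_url($url, PHP_URL_HOST);
    $ips = $host === '' ? false : ($resolver ? $resolver($host) : gethostbynamel($host));
    return is_array($ips) && in_array($senderIp, $ips, true);
}

// Constructed sample: whitelist text and a stub resolver using addresses from the thread.
$wl = parse_whitelist("\r\n72.232.131.30\r\n72.9.234.0/24\r\nnot-an-ip\r\n");
$dns = function ($h) { return $h === 'anarcocapitalista.wordpress.com' ? array('88.221.52.199') : false; };
foreach (array('72.232.131.30', '72.9.234.77', '88.221.52.199', '203.0.113.5') as $ip) {
    var_dump(trackback_allowed('http://anarcocapitalista.wordpress.com/post', $ip, $wl, $dns));
}
```

The sender address passed in should be the TCP peer address ($_SERVER['REMOTE_ADDR']), not a value taken from a client-supplied header, since the whole check rests on it.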
1. Daniel wrote:
Ok... if I understood the description of this plugin correctly it's not the same what I've seen yesterday by sending a trackback to a site without having the exact same URL linked in my post. My trackback was denied but after I saw my error, I added the source URL directly in my post and sent the trackback again, and this time it works... Is the DNS plugin the same or is that what I wrote another possibility to increase spam trackbacks... Is there a b2evo plugin available what does what I have described?
The basic antispam plugin (shipped with b2evo) has an option for this ("Check referers for URL"). This downloads the source and checks if it contains your URL.
2. I really like the idea of this plugin. Thanks, Austriaco!
If it would not need a whitelist, I'd add this functionality to the basic antispam plugin. But a whitelist gets too "advanced" IMHO.
But I'm not sure about it.
Maybe it makes sense to optionally hook into GetSpamKarmaForComment, to provide a score based on the observations made?
Theoretically that sounds like a pretty neat idea. I'll give it a shot when I get my blog back up.