Replied to a tweet by Dan York (Twitter)

Dan, since you’re in the WordPress space, there are several pieces in place there. Akismet and other anti-spam tools can still be used to filter webmentions just like any other comment/response on your site.

If you moderate your responses on your site, the webmention plugin has an “approve & always allow” function as well as domain allow-listing for people you know and trust.

It also bears saying: there’s also nothing that says you have to display webmentions on your site either, you can use them simply as notifications on your back end.

In my experience, I’ve also seen people strip active links, scripts, etc. out of their received webmentions as a security precaution. I believe that the WordPress suite of IndieWeb plugins does this by default.

If you need/want to go further, you could work on implementing the Vouch extension of Webmention. Any additional ideas or brainstorming you’ve got to help mitigate these sorts of harms is most welcome.

For the record, for Webmention to work as a protocol, it requires a link to your site to actually appear on a public web page–something neither trackback/pingback required and made them even easier/cheaper to game.

Read Spam almost vanquished by Jeremy Cherfas (jeremycherfas.net)
I really wanted to post this 3 days ago, on January 10th. That would have been one year since I started recording the amount of spam I was getting over on my micro-site. I first noticed the problem in November 2018, and in January 2019 started keeping track. This graph shows all the data from the pr...
Replied to a post by Johan BovéJohan Bové (Johan's Known)
Interesting experiment Chris. Too bad that the spam-bots found this site so fast. Especially for that reason I'm keeping the public comments on my own instance closed. What are you using for keeping webmentions to your site spam-free?
To my knowledge, there has yet to be an instance of spam within the broader community using Webmention. Of course, if it does become a problem there are community-based plugins like Akismet which have been very effective in the past. Others are also experimenting with building the idea of Vouch to extend Webmention as well.

cc: Chris Aldrich

👓 The spam technology ecosystem expands | Language Log

Read The spam technology ecosystem expands by Mark Liberman (Language Log)
Wikipedia describes academia.edu as a for-profit "social networking site for academics", whose misleading .edu domain name "was registered in 1999, prior to the regulations requiring .edu domain names to be held solely by accredited post-secondary institutions". For my part, I'd describe academia.edu as "a source of large volumes of annoying unsolicited email".
Replied to a tweet by Christopher TomlinsonChristopher Tomlinson (Twitter)
I suspect I’m missing some context, but taking a stab: the bots are hoping you’ll accept/approve their replies so that you put their links on your page for future clicks as well as SEO purposes. Like most spam operations, they just need an ~2% response rate to make the few cents that make doing this worthwhile. I personally blacklist some of the worst offenders by domain name, IP address, or judicious keywords.

👓 WordPress spam statistics: comments, pingbacks, trackbacks | Ryan Barrett

Read WordPress spam statistics: comments, pingbacks, trackbacks by Ryan Barrett (snarfed.org)
Comment spam is one of the most common forms of WordPress spam, if not the most common. Here are some anecdotal statistics for this site. During the month of November 2014, snarfed.org received 796…

👓 UDP spam from DirecTV boxes | Nelson’s log

Read UDP spam from DirecTV boxes by Nelson Minar (Nelson's log)
I was watching my new Linux server’s bandwidth graphs closely and noticed a steady stream of about 70kbits/sec I couldn’t account for. 24kbps of that is my three DirecTV boxes sending U…

👓 Dear Marketing by Email “Experts” I’m Serious About Messing With You | CogDogBlog

Read Dear Marketing by Email “Experts” I’m Serious About Messing With You by Alan Levine (CogDogBlog)
Hi, Hello. I was wondering whether you’d be interested in selling advertising space on Does the phrase “No, not even after hell freezes over” mean anything to you? The advertiseme…
This is pretty hilarious. I definitely need something like this for my site.
Maybe I wouldn’t hate spam calls so much if people weren’t spoofing telephone numbers, pretending that they knew me based on two data points, or they didn’t so obviously sound like they were calling from the noisiest boiler rooms on the planet. If you’re going to try to waste my time you could also be a bit quicker about it.

On the other hand it is nice to get old school in person phone spam instead of the auto-dialed, pre-recorded nonsense I have been getting.