Looks like the trackback spammers are hard at work with a new script of some sort. Woke up to a little over a half-dozen trackback spams this morning across all the blogs I maintain each using random text for the weblog name, domain, and entry. Each had a different IP address so it was able to avoid the limit on trackbacks received in an hour that ExpressionEngine allows you to define. Cleanup wasn’t a big deal as the notification emails all have links in them to quickly delete the entry in question, but it’s annoying just the same so I’m turning on a relatively new feature that adds a random security code to all trackback URLs generated by EE. The idea is similar to captchas—if the trackback doesn’t have the right security code it’s rejected. Not sure how it works in practice so if you try to ping SEB with a trackback in the next few days and it fails then be sure to let me know so I can look into it further.
Update: Looks like the security code option isn’t working quite right. Not sure if I have something set up incorrectly or what, but I’m turning it back off for now.