I've always had to deal with it, and I don't find MT's spam modules to very helpful in easing the pain of managing trackback spam. So I thought it might just be worth blocking some IPs. I did a little grep and without any further ado I present the numbers taken from 6 months worth of apache logs;
Sometimes I wish I could easily group by CIDR on the CLI
root@localhost# zgrep tb.cgi access.log* | awk '{print $1}' | sort | uniq -c | sort -n -r |head -25
3390 74.86.238.186
471 206.51.226.198
451 208.53.130.221
435 64.34.172.35
329 66.96.208.53
318 67.159.44.159
299 65.60.37.195
257 76.73.1.50
248 208.85.242.212
188 208.53.137.178
169 72.167.36.70
161 208.43.255.125
148 212.227.114.150
140 65.18.193.119
139 74.63.64.94
138 69.65.58.166
137 66.197.167.120
136 208.109.171.65
129 74.86.60.98
128 66.45.240.66
120 64.59.71.191
113 67.159.44.63
99 64.202.163.76
98 85.17.145.7
93 64.191.50.30Sometimes I wish I could easily group by CIDR on the CLI
Are those port numbers as well?
You never know when you might need a proxy in a pinch.
Found you through twitter.
Love your tweets.
No, the first number is the count from uniq -c which shows how many supposed trackback hits each IP has made.
If you're looking for SpamLookup help, the old "project" page on my site was for the pre-MT 4 version. SpamLookup moved to the MT core, so it's officially supported by Six Apart. Shoot me an email if you need special assistance with configuration. Have you enabled TypePad AntiSpam? It's pretty effective, IMHO.
The typepad lookup is enabled, I am also using spamhaus' zen rbl. My main concern is that all valid comments have been flase positives (marked as spam). And all trackbacks seem to bypass my custom word based blacklist.I tried both regular words and /regex/i yet the blue pill trackback spam keeps coming.
I guess I should prepare another patch for six apart then that updates the documentation links to valid urls. Thanks for the quick follow up to my tweet.