So as some of you know, this blog used to live on the Talk.org domain. I recently launched a new fun project there (which you should all try out).

An unexpected consequence of this was that I was receiving an awful lot of incoming trackbacks and referrer spam that were getting 404 errors.

So, I decided it would be very easy to write a quick little trackback honeypot for harvesting the IP addresses of these Trackback spammers.

Basically I have a simple rails controller which intercepts all hits to my old Movable Type cgi directory. It then stores an entry containing information about the request in the database. I have a simple little algorithm to decide if it was actually spam or not. This I use to create a blacklist which I can feed directly into my firewall. At the moment I do this manually so I can monitor that it looks correct. It would be trivial however to do this in a cron job.

I might take it down again, but I have published the blacklist for you to use in your own firewall or anti spam measures.

Next job is to create a tarpit akin to OpenBSD’s amazing and hilarious Spamd.