2 Matching Annotations
  1. Apr 2021
  2. Mar 2021
    1. SquareWheel 4 hours ago [–] I agree, but I think it's also worth learning from past experiences. Pingbacks do create a significant spam problem. How does Webmention.io cope with that?

      Based on experience with Pingbacks, the Webmention specification requires the sending site to have a mentioning URL on a publicly available web page. This requirement by itself cuts down significantly on spam as it increases the cost of sending it. (Pingbacks/Trackbacks didn't have this requirement so it was easy to programmatically spew spam in all directions.) In addition to this, there's no requirement to show the received Webmention, so there's less benefit to some spammers in these cases.

      Many people who do receive and display them have separate mechanisms to moderate them before display, which also tends to minimize spam. Other sites that support Webmentions also dovetail with anti-spam services like Akismet which can help filter out spam out as well.

      And this is all without anyone adding the Vouch extension to the Webmention spec.

      Keep in mind that webmention.io is just a third party service to allow sites to use and leverage Webmention notifications without needing to write any code. Many major CMSes like WordPress, Drupal, Craft, WithKnown, et al. either support the spec out of the box or with plugins/modules. Each of these can also leverage anti-spam methods they have available separately. As an example of this, the WordPress plugin has an allow list for automatically approving webmentions from sites one regularly communicates with.

      The idea of Webmentions has been around for almost a decade, and the spec has been a W3C recommendation since 2017. Only one suspected case of Webmention spam has been reported in the wild in that time. I'd conservatively estimate that with 10,000+ independent websites sending/receiving over 2 million Webmentions in the past several years, it's not a bad start. For more details, ideas, and brainstorming for your potential use-cases see also: https://indieweb.org/spam