Several MT users has emailed me to write a Captcha solution to the latest trackback spams problem. Unfortunately, Captcha cannot be easily integrated with trackback. In fact, trackback spams are harder to catch because both legit and spams trackback are normally send by machines so any tools that tries to differentiate human from machine will not work.
Nevertheless, I promised to do something about it so here is it: MT-TrackbackAntiSpam.
(To install, unzip, put it in your plugins/ directory and make sure it is executable)
The way it works is fairly simple – if the incoming trackback does not come from the host as stated in the URL, we reject the trackback. For example, if a trackback from url http://online-poker.psxtreme.com/ comes from 194.63.235.156 (an open proxy), then it is likely to be spam. (online-poker.psxtreme.com does not resolved to 194.63.235.156).
This solution has two pitfalls however: (1) it does not stop spammers from sending trackback spams from their own host – a small problem for now because spammers has been hiding behind open proxies (2) it may reject legit trackback if it is not sent by their blog-engine (e.g. blogging client)
Nevertheless, I been using it on my Drupal4Blogger for a while and it has been working well. I hope this works out for MT users too.