Kartik Prabhu
I would like to suggest that abuse/spam-prevention could be solved by the usual site-level methods and a good UI/UX flow. Here is my hypothetical solution based on some user-flow borrowed from existing systems/silos.
1. The web software I install has a webmention-processor which comes with a built-in white/blacklist and possibly a spam-detection AI like Akismet. All of these installations are optional of course.
2. When I receive a webmention, it is marked for asynchronous processing ( with optional manual moderation ).
3. There also is a personal blacklist, to which I can add a sender-domain (similar to Twitter’s block user functionality) by a click of a button on the said response or in a moderation list.
4. The processor then uses the following priority list personal-blacklist > global-list > AI to decide if the webmention should be processed at all.
The steps above could be enhanced by GPG-encryption, rate-limiting using time-limited endpoints, comparisons with some friends/following list.
What do you think? @kylewm @t @joeld @gregor #indieweb
I haven’t encountered enough webmention spam to implement any of these yet. So take them with a “fistful of salt”!
Kyle Mahan
Kartik Prabhu
Tantek Çelik@joeld
gRegor Morrill I think the “social network” nature of #indieweb gives us an opportunity to do better than existing blog or email spam whitelist/blacklist/heuristics.