Hi.
I wrote an article about averting trackback SPAM right at the server without letting them intrude into the S9Y blog:
http://blog.brockha.us/index.php?/archi ... ehren.html (an English version of this article is available, too, by switching the language chooser at my site).
Another very good protection against SPAM bots is the "Trackback/Pingback: ip validation" of the AntiSpam Plugin.
These two protection made my blog free from published trackback SPAMs.
The first option is the best, because it decreases the server load a lot for DoS like spamers. But you have to do something for it to make it work.
The second one (IP validation) is the most efficient, because it will work automatically on Spamers not known yet, too. But it will do nothing about the server load, as the Spamer reaches the blog with this method (but publishing will be prevented at least).
I use both. The method using the .htaccess file is my first line of defence preventing many spamers from reaching the blog by sending them an ACCESS DENIED. The second line is the IP validation, that filters out the spammers who made it through the first line of defence.
This is working extremely good at my blog: I had no published SPAM trackbacks and no false positives.
