Reader Mail: Webmention Spam

I received an email yesterday from Eli Mellen, and with Eli's consent thought I am replying publicly.

The email in question:

Hey there!

No worries about this, but I wanted to let you know that something may be going awry with your website's implementation of webmentions -- you 'liked' one of my posts a while ago ( and I've received 1 or 2 webmentions every day since. No big deal, but wanted to let you know in case that wasn't intentional.

All the best, Eli

My response:

Hey Eli!

Thanks for getting in touch.

Yes this is expected, but thanks for letting me know. Is this an issue for you? Ie are you getting a push notification each time and I need to stop that?

I remember having this conversation at the time I released my functionality and Aaron Parecki asked me to limit the number I sent to as it wasn't being handled right, but that technically I wasn't doing anything wrong as a webmention receiver should handle repeated notifications and de-duplicate them as required.

I do have some work on my backlog to send them more intelligently but I've not got round to that yet.

But as I say, if it is causing an issue for you please let me know.

Would you be OK me publishing both your email and my reply on my website, so others have a record of it if they want to ask the same thing?

Best, Jamie

And Eli's final reply:

Groovy! No issue on my end. I only noticed because I get a push with every one. I can mute those pretty easily, though.

I think the worry, as Aaron pointed out, is that a high volume of webmentions sent in this manner could quickly turn into something like a DDOS attack by accident. The volume is fairly low across the indieweb, but central hubs -- sites with more traffic -- could be susceptible.

If you're seeing lots of webmentions from me, I'm sorry but until I have put in the work to intelligently send the webmentions, this will happen for a while! It's been on my TODO list for a while, it turns out I hadn't raised the issue yet.

Written by Jamie Tanna's profile image Jamie Tanna on , and last updated on .

Content for this article is shared under the terms of the Creative Commons Attribution Non Commercial Share Alike 4.0 International, and code is shared under the Apache License 2.0.


This post was filed under articles.

Related Posts

Other posts you may be interested in:

Interactions with this post

Interactions with this post

Below you can find the interactions that this page has had using WebMention.

Have you written a response to this post? Let me know the URL:

Do you not have a website set up with WebMention capabilities? You can use Comment Parade.