I wasn't aware of the trackback feature introduced in CONF-559. As a consequence our private! Confluence suddenly appeared on a blog-site.

As Confluence is an Enterprise Wiki, which often will contain security relevant information trackback should not be enabled by default.

I think it might also be useful that trackback does not send page-contents, when there is no anonymous access to that page.