[pmwiki-users] Spam Blocking Proposal

Wendell Brown wbrown at arkie.net
Tue Mar 28 16:51:37 CST 2006


Neil Herber wrote:
> I do make use of IP blocklists for my mail server, but email spammers 
> are a different kind of animal from wiki spammers. I would be very 
> reluctant to use any IP-based list for detecting wiki spam because the 
> IP in question is the IP of a browser, not of a supposed mail server.

The black list I was referring to (web.dnsbl.sorbs.net) is described as 
follows:

    List of web (WWW) servers which have spammer abusable
    vulnerabilities (e.g. FormMail scripts) Note: This zone now includes
    non-webserver IP addresses that have abusable vulnerabilities.

It seems that the vast majority of the bots I'm being bitten by are 
running on machines already identified as being abusable machines 
(probably a bot net).

> However, there is a different kind of list (which I also use on my 
> mail server) used to check URIs in the message body:
> http://www.surbl.org/
> It is very effective in a mail server environment, but I am not sure 
> how well it would work in a PmWiki script, because there is a lot of 
> preprocessing followed by a DNS lookup. Implementation details are on 
> the SURBL site.

I haven't looked too closely at surbl, but I will.  Thanks for the heads 
up!  The code to do the lookup I'm considering actually isn't too bad.  
Here is what I used:

    $lookup = implode('.', array_reverse(explode('.', 
$_SERVER['REMOTE_ADDR']))) . '.' . 'web.dnsbl.sorbs.net';
    if (gethostbyname($lookup) == "127.0.0.7" )
        return( "IP Blocked by sorbs.net" );

-------------- next part --------------
An HTML attachment was scrubbed...
URL: /pipermail/pmwiki-users/attachments/20060328/3fccf102/attachment.html 


More information about the pmwiki-users mailing list