[geeklog-users] Comment Spammers

Bob Apthorpe apthorpe+gl at cynistar.net
Wed May 26 10:34:48 EDT 2004


On Tue, 25 May 2004 17:05:15 -0500 (CDT) "Zach Shelton" <mail at zachofalltrades.net> wrote:

> just an idea:
> 
> Does there exist a registry of porn site URLs similar to the ones
> maintained for spam blacklists? If so, then it would be possible to check
> against such a list and reject any comment that contains a link to a site
> on the list...

Leveraging other anti-spam resources, you could parse URLs out of
comments and check their domains against the SURBL
(http://www.surbl.org/), taking care to scrape out hostnames and known
rediriectors. The implementation guide at
http://www.surbl.org/implementation.html has more specifics.

Basically, if you find an URL like
http://rd.yahoo.com/*http://www.something.hotbarnyardtonermortgage.ac.uk/enlargeyourxerox,
you'll want to reduce that to hotbarnyardtonermortgage.ac.uk and do a
DNS lookup for the A record of
hotbarnyardtonermortgage.ac.uk.sc.surbl.org. If that comes back with
127.0.0.2, the comment is suspect.

The SpamAssassin team has been working on supporting this for the
upcoming 3.x release. SA is written in perl but it shouldn't take
much[1] to port the core of their work to PHP.

hth,

-- Bob

[1] And no, I'm not volunteering to do it. Just sayin'...



More information about the geeklog-users mailing list