« | Home | Categories | »

Yet another anti-spam measure

Posted on November 7th, 2004 at 17:28 by John Sinteur in category: Software -- Write a comment

I’ve been hacking wordpress again.

This time, I’ve added a plugin that scans the content of a comment, and any URL it finds is checked against a public list at surbl.org.

What’s great about this list is that if a spammer uses a site to “sell” his stuff (say, ‘www.ultra-cheap-crap.info’) he has to link tot hat site in his spam messages. surbl.org lists the sites used by spammers in this way.

Which means, if a comment is posted that mentions a site that is used by spammers, it is assumed that it is comment-spam. Usually, that is true, since most comment spam I’ve seen is of the form “I think you’d like to check out www.my-crappy-shit.com”

You can download the wordpress plugin here and view the source here. Just drop it in your plugins folder and activate.

It also incorporates my earlier plugin that checks against dsbl.org.

  1. […] to make a legitimate comment. I was alerted to this by Michele and he pointed me towards another plug-in for helping with blog comment which he finds useful. This one works on the basis of ch […]

  2. hi
    tx for the plugin
    does it work if we modified wp-comments-post.php to another name for spamming reasons too ?

  3. Hey, quick question; What plugin are you using to get nested comments like this? I tried “brian’s nested comments” plugin, but it causes wordpress to throw PHP errors.

  4. Odd, looks like wordpress chops off long URLs in trackbacks? Anyway the complete URL for the entry is:

    webmaster note: edited long url into a link to keep my right column from mucking up. Just click the link :mrgreen:

  5. […] y and painless to install (even for a wannabe nerd like myself). For WordPress users, try John Sinteur’s plugin that utilizes the subrl.org public list. MT users (why do you still use i […]

  6. thanks. installed it, and will test it out.

  7. […] s scripts on the site. The first script is Kitten’s Spaminator and the second script is DNS-anti-spam. Hopefully, these two scripting working concurrently will stop those spams comment reach […]

  8. […] site from being overrun with spam. However, I think I have a solution. I was directed to John Sinteur’s wordpress plugin. It looks very interesting and I hope that it works. Here&#821 […]

  9. I’m sorry to say, it doesn’t work. I went to an entry with no comments, entered fake info including a url from surbl.org in both the URI and the comment field. Submitted. The comment showed up. How is this supposed to work or am I missing something?


  10. It should work – I’ll contact you through email to help you find the problem..

  11. […] Filed under: General — site admin @ 10:29 pm << quick easy WordPress plugin to resist spam. 1 Comment » The […]

  12. […] seems to be coming from such a server, it is not posted. By the way, a new plugin, called DNS-anti-spam by the Daily Irrelevant is available. This one checks the URIs in the comment against t […]

  13. […] hed Google next “how to check for proxy php” with the hope someone had already done this for my lazy ass. It must be my lucky day, not only was it already done, it was a WordPress p […]

  14. […] ug-ins, thus far so good. They are, in no particular order.. Matt’s Spambot Stopper John’s Stop Open Proxy Commenting Please let me know if you have any trouble with the comments […]

  15. […] d under: General — Mekanix @ 20:00 Well, seems like Kittens Spaminator and DNS-anti-spam seems to have lost their effectiveness. I’ve just been flooded by a commentspammer […]

  16. […] 8212; Joe @ 12:33 So far so good. I have installed John Sinteur’s ‘Block-lists anti-spam measures‘. Not a single spam comment since. Woohoo! […]

  17. […] Sinfeur, the good lord willin’ and the crick don’t rise, we’ll have yet another comment spam trap in our arsenal. One reason I’m posting this is to see if I can reply […]

  18. What I’m using is not a plugin – but a set of modifications to the wordpress files – it may have been an earlier version of brians comments, because I recall having some php problems as well.

    See if you can get brian to help you with the errors – if not, mail me, and I’ll try to help you.

  19. Yes.

  20. Thanks – fixed. A weirdness in the webserver configuration.. I’ve renamed it, click the link again..

  21. Hi! I have installed this script onto my site. How do I test it to see if it works? Thanks! 😛

  22. […] various poker sites (what is so great about poker sites anyway?). So I’ve enabled a new plugin which checks to see if the post is coming from an open proxy or contains a link or links to […]

  23. Your plugin has a bug. It will cause an error unless you move the $blackholes definition into the function in which it’s used.

  24. Now that I’ve found the plugin again, I tip my hat to you.
    Thanks for offering me a way to keep the BS at bay.

  25. Thanks for this plugin! Just wondering: wouldn’t it be a bit more efficient to implode just once instead of three times?

  26. Nothing – I’ve been unable to reproduce the problem, no matter what I tried..

  27. I’d like to know what yo’ve learned. I think I had the same “URL” error. Thanks!

  28. I’ll mail you..

  29. It seems this plugin, while doing a great job, also blocks every comment that features an URL in the comment field?! I had a couple of readers of my blog mention this to me and when I tried myself, I only managed to post such a comment once I had turned off your plugin. Have I done something wrong here??

  30. Your link seems to be broken. I get:
    Parse error: parse error, unexpected $ in /usr/home/sinteur/www/www.sinteur.com/DNS-anti-spam.php.gz on line 3
    when I try to download it.

  31. Not a bad idea… it works on things like SpamAssassin for Email… why not blogs?

  32. John, I’ve done some hacking to your plugin to allow it to query multiple blackhole lists. Let me know if you’re interested in incorporating this into your code.

  33. Hi, another question. 😛 *grins sheepishly*

    Just wondering whether your plugin uses the blocklist at SPEWS.ORG. I received a false positive an hour ago when using the plugin, and the blocklist was traced to SPEWS.ORG. Thanks. 🙂

  34. I’ve started having issues using this plugin with others, specifically SpamKarma. Would you care to help me test, John?

  35. Of course! (I’ll e-mail you)

  36. Of course – I’ll email you.

  37. Auto-blocking open proxies’ access to Movable Type
    In the category of sheer genius contributions to the fight against spam, let me point you in the direction of Brad Choate’s newest plugin for the Movable Type content management system: mt-dsbl

  38. Comment Spam
    The last couple of weeks I have been more than annoyed by comment spam. I decided to look for a solution tonight to hopefully cut down on some of the spam. I looked at the ip of the poster spamming and of course these were proxy ip’s, I serched Google…

  39. Battling comment spam
    The *arms race is on*. And it didn’t take long for _internet casino_ and somesuch to catch on to my new blog. Assholes. And because I don’t want to spend my whole day moderating comments, here’s what I did:

    – installed the “Autoclose comments a…

  40. More antispam hacks
    Thanks to John Sinfeur, the good lord willin’ and the crick don’t rise, we’ll have yet another comment spam trap in our arsenal. One reason I’m posting this is to see if I can reply to it without getting mistaken for a spammer. Y’all are welcome…

  41. Comment SPAM Update
    …Update (12/6): OK, I totally jinxed it – I had 5 new comment spams waiting for me this morning, having evaded both Spaminator and WP?s default. In my CSS-wrasslin? session last night, I came across another tool that checks posts against known spam…

  42. Damn Spammers
    They’ve learned a new trick. Commenting on a post that doesn’t exist. Installed a new plugin that should hopefully help.

  43. the Daily Irrelevant
    Yet another anti-spam measure

  44. Hello,

    You should use “sbl-xbl.spamhaus.org.” instead of “sbl-xbl.spamhaus.org” (add dot in the end), this will increasing performance when your /etc/resolv.conf have many “search” item, and avoid some stupid problem when wildcard A RR was set… 🙂

  45. gslin, I’ve added that – the current version has fully qualified domains. Thanks!

  46. version 1.5 seems never lookup “sbl-xbl.spamhaus.org.” because of misplace “{}” (line 28 in DNS-anti-spam.php)

  47. Well spotted! I fixed it, the download is now version 1.5.1.

  48. Hi John:

    My name is Mark Wu. Just want to say thanks for such great plugin. I already ported to pLog, it works well. I already mail the source to you. Hope you don’t mind I port it to pLog.

    Regards, Mark

  49. Mark, of course I don’t mind, well done!

  50. Hi John,
    I am wondering, has your plugin been built into WP 1.5, as there is an option to block open and insecure proxies?! Or is that a different approach/solution from yours?

  51. They’re using a similar mechanism, but a different blacklist; opm.blitzed.org This means WP 1.5 and my plugin work together..

  52. I loaded this plugin and at first it seemed to be working well, but now I’m getting flooded. Is there any way to debug to see what’s going wrong?

  53. running wp 1.3 btw

  54. I’ve seen lots of new spam attempts coming from machines that aren’t on any blocklists, you’re not doing anything wrong…

previous post: Great T-Shirt!

next post: Open brief terug