taskSavane - Tasks: task #4127, filter spam on the fly with DNSbl

 
 
Show feedback again

You are not allowed to post comments on this tracker with your current authentification level.

task #4127: filter spam on the fly with DNSbl

Submitted by:  Mathieu Roy <yeupou>
Submitted on:  Mon 13 Nov 2006 06:57:40 PM UTC  
 
Should Start On: Sun 12 Nov 2006 11:00:00 PM UTCShould be Finished on: Mon 27 Nov 2006 11:00:00 PM UTC
Category: Web FrontendStatus: Done
Priority: 3 - NormalPlanned Release: 2.1
Assigned to: Mathieu Roy <yeupou>Open/Closed: Closed
Privacy: PublicFor/By: CERN

Thu 16 Nov 2006 04:38:16 PM UTC, comment #5:

Interestingly enough, while we had so far no spam reported at Gna! on the trackers, yet we already have in the logs:

[Thu Nov 16 16:55:09 2006] [error] rejected data from 213.136.108.34 - found in sbl-xbl.spamhaus.org, http://www.spamhaus.org/query/bl?ip=213.136.108.34 - anonymous user (213.136.108.34) at /account/login.php?uri=%2Fproject%2Fmemberlist.php%3Fgroup%3Dnasgaia
[Thu Nov 16 16:56:13 2006] [error] rejected data from 213.136.108.34 - found in sbl-xbl.spamhaus.org, http://www.spamhaus.org/query/bl?ip=213.136.108.34 - anonymous user (213.136.108.34) at /account/login.php?uri=%2Faccount%2Flogin.php%3Furi%3D%252Fproject%252Fmemberlist.php%253Fgroup%253Dnasgaia
[Thu Nov 16 16:59:48 2006] [error] rejected data from 213.136.108.34 - found in sbl-xbl.spamhaus.org, http://www.spamhaus.org/query/bl?ip=213.136.108.34 - anonymous user (213.136.108.34) at /account/login.php?uri=%2F
[Thu Nov 16 17:12:08 2006] [error] rejected data from 213.136.108.34 - found in sbl-xbl.spamhaus.org, http://www.spamhaus.org/query/bl?ip=213.136.108.34 - anonymous user (213.136.108.34) at /account/login.php?uri=%2Fbugs%2F%3F6903
[Thu Nov 16 17:16:37 2006] [error] rejected data from 213.136.108.34 - found in sbl-xbl.spamhaus.org, http://www.spamhaus.org/query/bl?ip=213.136.108.34 - anonymous user (213.136.108.34) at /account/login.php?uri=%2Fsendmessage.php%3Ftouser%3D6756

Obviously one box. Well, it actually may be a valid user behind a computer full of virus. Whatever, this means that is a potential virus source and it matter that the legitimate owner of the box fix it.

Mathieu Roy <yeupou>
Project AdministratorIn charge of this item.
Wed 15 Nov 2006 04:39:14 PM UTC, SVN revision 6340:

Add DNS blacklist checks (task #4127)

(Browse SVN revision 6340)

Mathieu Roy <yeupou>
Project AdministratorIn charge of this item.
Wed 15 Nov 2006 04:33:43 PM UTC, comment #3:

So check will be made:

  • on account creation
  • on login
  • whenever form_id is checked (which means all important forms where we prevent duplicate posts)
Mathieu Roy <yeupou>
Project AdministratorIn charge of this item.
Wed 15 Nov 2006 04:32:57 PM UTC, SVN revision 6339:

Add DNS blacklist checks (task #4127)

(Browse SVN revision 6339)

Mathieu Roy <yeupou>
Project AdministratorIn charge of this item.
Wed 15 Nov 2006 03:26:57 PM UTC, comment #1:

The following was caught in a spam at LCG Savannah

http://www.spamhaus.org/query/bl?ip=200.88.223.98

It is listed in SBL as "Extremely intense source of blog/form http spam (often converted into mail spam to web administrators contact addresses)."

This proves that it is definetely a good way to go to dns checks.

The way it will work will be to check every anonymous post (including account creation related posts).
As it is easier to tracker logged-in users, we will not for now checks these. Or maybe only non-project members post.

Mathieu Roy <yeupou>
Project AdministratorIn charge of this item.
Mon 13 Nov 2006 06:57:40 PM UTC, original submission:

We want to have the possibility to run anonymous posters IP against a list of DNSbl servers (probably set in site-specific-content). If the DNSbl knows the poster, we may automatically set the item as spam or reject the post.

The later is probably the more annoying to spammers, however it means using only 100%-sure lists. I'd rather go with the later, I'll see with Yves what he thinks about this specific point.

Mathieu Roy <yeupou>
Project AdministratorIn charge of this item.

 

No files currently attached

 

Depends on the following items: None found

Items that depend on this one
task dev-2006.10-MarkupAndSpamFilterAndMetaUsers branch (task #3776, Done)

Digest:
   task dependencies.

 

Carbon-Copy List
  • -unavailable- added by yeupou
  • -unavailable- added by yeupou (Submitted the item)

    •  

    Do you think this task is very important?
    If so, you can click here to add your encouragement to it.
    This task has 0 encouragements so far.

    Only logged-in users can vote.

     

    Please enter the title of George Orwell's famous dystopian book (it's a date):

     

     

    Follow 6 latest changes.

    Date Changed By Updated Field Previous Value => Replaced By
    Thu 16 Nov 2006 04:38:16 PM UTCyeupouCarbon-Copy-=>Added ype
    Wed 15 Nov 2006 04:41:36 PM UTCyeupouStatusIn Progress=>Done
      Open/Closed-Automatic update due to transitions settings-=>Closed
    Wed 15 Nov 2006 03:36:32 PM UTCyeupouStatusNone=>In Progress
      Assigned toNone=>yeupou
    Mon 13 Nov 2006 06:58:46 PM UTCyeupouDependencies-=>task #3776 is dependent
    Show feedback again

    Back to the top


    Copyright (C) 2004-2006, the Gna! people. Posted items are owned by whoever posted them.
    Verbatim copying and distribution of this entire article is permitted in any medium, provided this notice is preserved.

    Powered by Savane 3.1-cleanup