Topic: Blacklisting email domains?

I'm receiving about five spambots a day who are quite intent on showing us CSS geeks Lindsay Lohan's nipples. They all come from just a handful of domains, which I'd like to block from registration. Short of manually editing the PHP, how can I do this? Is there an admin tool geared towards blacklisting?

Re: Blacklisting email domains?

install some antispam registarion mods then, just stop them registring before they post. simple

Sorry. Unactive due to personal life.

Re: Blacklisting email domains?

On an off note, one such spam message was for cannabis seeds, and I was tempted to click through :^)

Re: Blacklisting email domains?

Add a ban and leave the username blank, simply put the domain name under email. (Also make sure you got allow banned emails set to no in options/permissions).

Re: Blacklisting email domains?

I blacklist email-domains in this way, but the spammers still register. What am I doing wrong?

I have "Allow banned e-mail addresses" set to "no". I create a ban containing just the email-domain (without the "@") without any username... sad

I run the latest version of PunBB.

6

Re: Blacklisting email domains?

fredrikn wrote:

I blacklist email-domains in this way, but the spammers still register. What am I doing wrong?

I have "Allow banned e-mail addresses" set to "no". I create a ban containing just the email-domain (without the "@") without any username... sad

You are entering the parent domain in the banned e-mail list? Do you have another PunBB running, using the same db?

Re: Blacklisting email domains?

fredrikin, someone gave me this code and it really seem to help!
plus i have rules turn on and timezone mod. with another captcha mod..

open register.php find
require PUN_ROOT.'include/common.php';
place this afterwards..

/***************************
   START SPAM PROTECTION
***************************/

// Address of the blocklist server
$checkspam['blocklist'] = 'sbl.spamhaus.org';

// Build the url to check (reverse DNS query). If you want to test if it works on
// your server, replace the "get_remote_address()" part with the following: '127.0.0.2'
$checkspam['Reverse DNS'] = implode( '.', array_reverse( explode( '.', get_remote_address() ) ) ) . '.' . $checkspam['blocklist'];

// Do the actual lookup. If the users IP is listed in the blocklist, we will be given just an IP back from the queried server.
// If the user is *not* listed as a spammer, the result we get back from the server will be the same string as we sent.
if( $checkspam['Reverse DNS'] != gethostbyname($checkspam['Reverse DNS']) ) {
    
    message('Unfortunately, it would appear that your current IP address is listed in one of the anti-spam databases we queried.
            Because of this, you will not be able to register a new account at this point in time. If you believe this to
            be a mistake, we urge you to read the FAQ over at <a href="http://www.spamhaus.org/faq/index.lasso">The Spamhaus Project</a>
            for more details, including actions you can take to resolve this issue.',true);
}

/****************************
   END OF SPAM PROTECTION
****************************/
My stuff or my style might sux, but atleast I'm willing to help when I can.
Don't be stupid and help ! We are the stupid one's !!!

8 (edited by fredrikn 2007-09-06 20:29)

Re: Blacklisting email domains?

MattF wrote:
fredrikn wrote:

I blacklist email-domains in this way, but the spammers still register. What am I doing wrong?

I have "Allow banned e-mail addresses" set to "no". I create a ban containing just the email-domain (without the "@") without any username... sad

You are entering the parent domain in the banned e-mail list? Do you have another PunBB running, using the same db?

I have a single PunBB running. I enter "domain.tld" to block "user@domain.tld", which I assume is the correct syntax.

Quaker: That's a good idea!  smile

/Fredrik

9 (edited by quaker 2007-09-06 21:43)

Re: Blacklisting email domains?

now u can change the level of security by replacing sbl.spamhaus.org with some other html link.
and it will stop more..
ill try to find the page on here that explains more what im talking about....
hahaa


here it is....

http://punbb.org/forums/viewtopic.php?pid=99960#p99960

Q

My stuff or my style might sux, but atleast I'm willing to help when I can.
Don't be stupid and help ! We are the stupid one's !!!

10 (edited by MattF 2007-09-06 23:07)

Re: Blacklisting email domains?

Here's a multi-rbl variation of that code Quaker posted.

//---------------Start of RBL lookup---------------//

$rblserver = array();
$rblserver[] = 'sbl-xbl.spamhaus.org';
$rblserver[] = 'combined.rbl.msrbl.net';

$fip = get_remote_address();
$rip = implode('.', array_reverse(explode('.', $fip)));


foreach ($rblserver as $xrbl)
{
        $rblcheck = $rip.'.'.$xrbl;

        if ($rblcheck != gethostbyname($rblcheck))
        {
                message("$fip blocked. Your I.P address is listed in the $xrbl database.");
        }
}

//----------------End of RBL lookup----------------//

Only lightly tested. smile You can add more RBL's if required, (though not necessarily a good idea), by adding more:

$rblserver[] = '[another-rbl-server]';

lines below those two already there. Those two should suit for general use, however.

11

Re: Blacklisting email domains?

Just been playing around with this in PunBB itself. It needs the header/footer adding too, otherwise it will just blank screen. I assume this applies to the original code posted initially to boot.

//---------------Start of RBL lookup---------------//

$rblserver = array();
$rblserver[] = 'sbl-xbl.spamhaus.org';
$rblserver[] = 'combined.rbl.msrbl.net';

$fip = get_remote_address();
$rip = implode('.', array_reverse(explode('.', $fip)));


foreach ($rblserver as $xrbl)
{
        $rblcheck = $rip.'.'.$xrbl;

        if ($rblcheck != gethostbyname($rblcheck))
        {
                $page_title = pun_htmlspecialchars($pun_config['o_board_title']).' / '.$lang_register['Register'];
                require PUN_ROOT.'header.php';
                message("Your I.P address: ($fip) is blocked due to it being listed in the $xrbl database.");                         
                require PUN_ROOT.'footer.php';
        }
}

//----------------End of RBL lookup----------------//

12

Re: Blacklisting email domains?

mattf, what does this do? are you modifying the register.php or some sorta blockage script for those listed.

hummm that might be a good mod. a blocking script via ip address and a redirect to some stupid site.

if ip is listed then redirects.

Q

My stuff or my style might sux, but atleast I'm willing to help when I can.
Don't be stupid and help ! We are the stupid one's !!!

13 (edited by MattF 2007-09-08 19:33)

Re: Blacklisting email domains?

quaker wrote:

mattf, what does this do? are you modifying the register.php or some sorta blockage script for those listed.

It does exactly the same as that original code you posted, except for the fact that you can specify multiple RBL's to check against with this one. It's just a modified version of that initial code you posted. smile The script is placed at the same place in register.php as you mentioned above. That's why it needs the header/footer parts adding with the reject message. smile

14

Re: Blacklisting email domains?

fredrikn wrote:
MattF wrote:
fredrikn wrote:

I blacklist email-domains in this way, but the spammers still register. What am I doing wrong?

I have "Allow banned e-mail addresses" set to "no". I create a ban containing just the email-domain (without the "@") without any username... sad

You are entering the parent domain in the banned e-mail list? Do you have another PunBB running, using the same db?

I have a single PunBB running. I enter "domain.tld" to block "user@domain.tld", which I assume is the correct syntax.

Yup. That's correct. smile

15

Re: Blacklisting email domains?

quaker wrote:

hummm that might be a good mod. a blocking script via ip address and a redirect to some stupid site.

if ip is listed then redirects.

You could easily add a redirect inplace of the rejection message, but that wouldn't honestly be a good idea. You will get false positives on occasion. Legitimate users shouldn't be required to have to jump through hoops just to register. That idea would penalise legit users big style.

16

Re: Blacklisting email domains?

freakin sweet... a war on spam....hahaha...


Q

My stuff or my style might sux, but atleast I'm willing to help when I can.
Don't be stupid and help ! We are the stupid one's !!!

Re: Blacklisting email domains?

I have made a simple mod that disallows the user to view anything until he/she activates his account.I don't know if it will help.
here it is :
http://www.punres.org/viewtopic.php?id=3814

18 (edited by MattF 2007-09-09 18:12)

Re: Blacklisting email domains?

If their account isn't activated, they cannot login, hence they're a guest? Wouldn't just disabling guest viewing achieve the same?

19

Re: Blacklisting email domains?

Mattf, now.. here goes. is there a site that list IP to totally block user? say u go to my site and if your ip is listed it will block the site 100%?

Q

My stuff or my style might sux, but atleast I'm willing to help when I can.
Don't be stupid and help ! We are the stupid one's !!!

20 (edited by MattF 2007-09-10 15:07)

Re: Blacklisting email domains?

quaker wrote:

Mattf, now.. here goes. is there a site that list IP to totally block user? say u go to my site and if your ip is listed it will block the site 100%?

List the IP on what criterion? If you're going down a full access block route, you should be doing this at network level, not software level, i.e: firewall.

Edit: If you are going to do it at software level, I would presume including that script from header.php itself would do the trick. Header.php is a common requirement across all forum pages.

21

Re: Blacklisting email domains?

i mean a list of ip that has sent spam. so that when they access the website. it redirects then somewhere else. sorta like this script..
lol...

Ill try to work on what exactly im trying to say.. in a few..

Q

My stuff or my style might sux, but atleast I'm willing to help when I can.
Don't be stupid and help ! We are the stupid one's !!!

22 (edited by MattF 2007-09-10 22:52)

Re: Blacklisting email domains?

You mean then to create your own blacklist from IP's that have spammed your forum?

By far the best method, I would say, would be to run MJT's rbldnsd server and compile the list for that so that you have your own local RBL. I use that method for the MX, and it works a treat. It's been running several years here with never a single glitch. Just set up Bind/named to forward to it for your local zones RBL entry.

http://www.corpit.ru/mjt/rbldnsd.html

23

Re: Blacklisting email domains?

ill have to read how to setup my own bind ...

sound very good... that would be a great way to fight some spam effectively!

My stuff or my style might sux, but atleast I'm willing to help when I can.
Don't be stupid and help ! We are the stupid one's !!!

24 (edited by MattF 2007-09-10 23:26)

Re: Blacklisting email domains?

It's straight forward enough. All you need to do is just set it up as a caching resolver, and add an entry for your RBL. It's worthwhile having a local caching DNS server anyhow, as it will help with your DNS traffic and speed for cached lookups. All you'd need is a named.conf file consisting of roughly:

//
//
// Local rbl zone(s)
//
//

zone "spam.rbl" in     // Or whatever name you use with your rbldnsd zone(s).
{
        type forward;
        forward only;
        forwarders
        {
                [IP.address.of.rbldnsd];
        };
};

//
// root servers
//

zone "." in
{
        type hint;
        file "named.root";
};

//
//
// End of file
//
//

That's about all you need for a caching server and forwarding to your RBL server, (if I remember correctly). You could probably just use the IP of the RBL server in that above script instead of a hostname?, but you're getting a caching resolver to boot, so it's worth setting it up just for that. It also gives you the option of using the RBL for other servers/purposes, where as a flatfile lookup would be tied to the forum.

25

Re: Blacklisting email domains?

cache server? ok that alittle beyond my scope....
u got msn or aol yahoo?

My stuff or my style might sux, but atleast I'm willing to help when I can.
Don't be stupid and help ! We are the stupid one's !!!