Surbl.org allows us to check extracted URLs (see previous request) against their database of spamvertized URLs.

The call needs to look like about the following:

Assume that $url is the domain part (no subdomains) of an extracted
url, then

$result = gethostbyname($url .'.multi.surbl.org');

If the queried domain is listed, the result will be 127.0.0.x where x describes in which of the lists that surbl.org has the domain occurs, see http://www.surbl.org/lists.html.

For listet domains we should add a watchdog message so that admins may see which domains a user tried to enter and we should invalidate the form.

Comments

gerhard killesreiter’s picture

gerhard killesreiter commented

Maybe it would be worthwhile to factor out the lookup into another module so that other modules could use it.

lyricnz’s picture

lyricnz commented

There is a PEAR package Net_DNSBL that implements this kind of service, but given the dependencies, it could be kindof a drag to install. Plus, it uses Cache_Lite (ie: filesystem caching), and it's not GPL either, so we can't redistribute even a modified version of this.

Spam module looks like it as surbl support, but not updated since Drupal 4.6.

So, I think you could be right - a surbl project seems to be called for (or update spam module, but reusable API modules seem like a better choice)

jeremy’s picture

jeremy commented

I've not gotten around to updating the spam_surbl module, as the results were very disappointing the list time I used it. Occasionally a lookup on surbl.org would help track down a spam URL, but this was surprisingly infrequent. It seems that the URLs used by comment spammers are frequently not the same URLs used by email spammers.

I do intend to update the module eventually, as I'm hopeful with the additional configuration available to the 3.0 spam module surbl lookups will prove more useful.

jeremy’s picture

jeremy commented

I went ahead and ported the basic surbl functionality to my spam 3 module. It took about 10 minutes to code and test -- in other words, SURBL integration is very simple.

I pushed this module to KernelTrap, and will watch the logs to see if the Surbl matching is more effective now than the last time I tested.

killes@www.drop.org’s picture

killes@www.drop.org commented

@Jeremy: Thanks!

Note that we do not want to catch comment spammers, we want to catch email spammers that use drupal.org to redirect their "clients" to another spammy URL.

Project: » Lost & found issues

This issue’s project has disappeared. Most likely, it was a sandbox project, which can be deleted by its maintainer. See the Lost & found issues project page for more details. (The missing project ID was 290507)