Netsyms/data.netsyms.net
2
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Improve and update contact form spam blocker (IPv6 filter, block bad domains in message)

Browse Source
This commit is contained in:
Skylar Ittner 2024-02-14 15:09:31 -07:00
parent b96fc7bdf9
commit 0d12391529
7 changed files with 69390 additions and 196861 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

39
endpoints/net.contactspam.php
View File

@ -7,7 +7,8 @@ const MSG_MIN_WORDS = 5;
const BANNED_WORDLIST = __DIR__ . "/../resources/net.contactspam/bannedwords.txt"; const BANNED_WORDLIST = __DIR__ . "/../resources/net.contactspam/bannedwords.txt";
// Banned email domain check, one domain per line, useful if you get lots of spam from // Banned email domain check, one domain per line, useful if you get lots of spam from
// a domain your customers probably won't legitimately use // a domain your customers probably won't legitimately use
const BANNED_DOMAINS = __DIR__ . "/../resources/net.contactspam/banneddomains.txt"; const BANNED_EMAIL_DOMAINS = __DIR__ . "/../resources/net.contactspam/banneddomains.txt";
const BANNED_SPAM_DOMAINS = __DIR__ . "/../resources/net.contactspam/toxic_domains_whole.txt";
const BANNED_IP_LIST = __DIR__ . "/../resources/net.contactspam/bannedips.txt"; const BANNED_IP_LIST = __DIR__ . "/../resources/net.contactspam/bannedips.txt";
const BANNED_IP_CIDR = __DIR__ . "/../resources/net.contactspam/toxic_ip_cidr.txt"; const BANNED_IP_CIDR = __DIR__ . "/../resources/net.contactspam/toxic_ip_cidr.txt";
// Domains to skip looking up for SURBL // Domains to skip looking up for SURBL
@ -38,7 +39,7 @@ if (isset($VARS["message"])) {
// //
// Check email domain // Check email domain
// //
$banneddomainlist = file(BANNED_DOMAINS, FILE_IGNORE_NEW_LINES); $banneddomainlist = file(BANNED_EMAIL_DOMAINS, FILE_IGNORE_NEW_LINES);
foreach ($banneddomainlist as $domain) { foreach ($banneddomainlist as $domain) {
if ($email_domain == $domain) { if ($email_domain == $domain) {
exitWithJson(["status" => "OK", "clean" => false, "filter" => "domain", "hit" => $domain, "message" => "Emails from \"" . htmlspecialchars($domain) . "\" are not allowed because of spam/abuse." . ($domain == "googlemail.com" ? " (Hint: use gmail.com instead)" : "")]); exitWithJson(["status" => "OK", "clean" => false, "filter" => "domain", "hit" => $domain, "message" => "Emails from \"" . htmlspecialchars($domain) . "\" are not allowed because of spam/abuse." . ($domain == "googlemail.com" ? " (Hint: use gmail.com instead)" : "")]);
@ -92,7 +93,7 @@ if (filter_var($clientip, FILTER_VALIDATE_IP, [FILTER_FLAG_IPV4])) {
$bannedipcidrlist = file(BANNED_IP_CIDR, FILE_IGNORE_NEW_LINES); $bannedipcidrlist = file(BANNED_IP_CIDR, FILE_IGNORE_NEW_LINES);
foreach ($bannedipcidrlist as $cidr) { foreach ($bannedipcidrlist as $cidr) {
if (cidr_match($clientip, $cidr)) { if (cidr_match($clientip, $cidr)) {
exitWithJson(["status" => "OK", "clean" => false, "filter" => "toxic_ip_cidr", "hit" => $clientip, "message" => "Your computer's IP address is on a spam blacklist."]); exitWithJson(["status" => "OK", "clean" => false, "filter" => "stopforumspam_toxic_ip_cidr", "hit" => $clientip, "message" => "Your computer's IP address is on a spam blacklist."]);
} }
} }
} }
@ -100,11 +101,11 @@ if (filter_var($clientip, FILTER_VALIDATE_IP, [FILTER_FLAG_IPV4])) {
// //
// Lookup reported client IP address against stopforumspam.com full IP list // Lookup reported client IP address against stopforumspam.com full IP list
// //
if (filter_var($clientip, FILTER_VALIDATE_IP, [FILTER_FLAG_IPV4])) { if (filter_var($clientip, FILTER_VALIDATE_IP)) {
$bannediplist = file(BANNED_IP_LIST, FILE_IGNORE_NEW_LINES); $bannediplist = file(BANNED_IP_LIST, FILE_IGNORE_NEW_LINES);
foreach ($bannediplist as $ip) { foreach ($bannediplist as $ip) {
if ($clientip == $ip) { if ($clientip == $ip) {
exitWithJson(["status" => "OK", "clean" => false, "filter" => "banned_ip", "hit" => $clientip, "message" => "Your computer's IP address is blacklisted for sending spam."]); exitWithJson(["status" => "OK", "clean" => false, "filter" => "stopforumspam_banned_ip", "hit" => $clientip, "message" => "Your computer's IP address is blacklisted for sending spam."]);
} }
} }
} }
@ -142,6 +143,7 @@ $lists = [
"dbl.spamhaus.org", "dbl.spamhaus.org",
"black.uribl.com" "black.uribl.com"
]; ];
$bannedspamdomains = file(BANNED_SPAM_DOMAINS, FILE_IGNORE_NEW_LINES);
try { try {
// Matches domain names // Matches domain names
$regex = "/([a-zA-Z0-9][a-zA-Z0-9-]{1,61}[a-zA-Z0-9](?:\.[a-zA-Z]{2,})+)/i"; $regex = "/([a-zA-Z0-9][a-zA-Z0-9-]{1,61}[a-zA-Z0-9](?:\.[a-zA-Z]{2,})+)/i";
@ -166,10 +168,17 @@ try {
foreach ($domainlist as $d) { foreach ($domainlist as $d) {
// check local domain blacklist
foreach ($bannedspamdomains as $word) {
if ($word == $d) {
exitWithJson(["status" => "OK", "clean" => false, "filter" => "stopforumspam_domains", "hit" => $word, "message" => "Your message contains a domain ($d) that has been linked to recent spam or criminal activity. Message not sent."]);
}
}
// check online blacklists
foreach ($lists as $blacklist) { foreach ($lists as $blacklist) {
$url = "$d.$blacklist"; $url = "$d.$blacklist";
// Cache IPs so we don't do a DNS lookup each time // Cache result so we don't do a DNS lookup each time
$cacheresp = $memcache->get("net.contactspam.$url"); $cacheresp = $memcache->get("net.contactspam.$url");
if ($cacheresp !== false) { if ($cacheresp !== false) {
$dns_result = $cacheresp; $dns_result = $cacheresp;
@ -189,15 +198,19 @@ try {
// Check local spammer database // Check local spammer database
if (env("require_database")) { if (env("require_database")) {
if (!empty($clientip)) { try {
if ($database->has("net_contactspam_spammers", ["ip" => $clientip])) { if (!empty($clientip)) {
exitWithJson(["status" => "OK", "clean" => false, "filter" => "netsyms_ip_blacklist", "hit" => $clientip, "message" => "A computer at your IP address has sent spam in the past. Your message has been blocked."]); if ($database->has("net_contactspam_spammers", ["ip" => $clientip])) {
exitWithJson(["status" => "OK", "clean" => false, "filter" => "netsyms_ip_blacklist", "hit" => $clientip, "message" => "A computer at your IP address has sent spam in the past. Your message has been blocked."]);
}
} }
} if (!empty($email_lower)) {
if (!empty($email_lower)) { if ($database->has("net_contactspam_spammers", ["email" => $email_lower])) {
if ($database->has("net_contactspam_spammers", ["email" => $email_lower])) { exitWithJson(["status" => "OK", "clean" => false, "filter" => "netsyms_email_blacklist", "hit" => $email_lower, "message" => "Someone put your email as the from address on a spam message. Your message has been blocked."]);
exitWithJson(["status" => "OK", "clean" => false, "filter" => "netsyms_email_blacklist", "hit" => $email_lower, "message" => "Someone put your email as the from address on a spam message. Your message has been blocked."]); }
} }
} catch (Exception $ex) {
// skip
} }
} }

2
resources/net.contactspam/banneddomains.txt
View File

@ -3,6 +3,8 @@ qualityguestposts.com
warriorplus.com warriorplus.com
youtu.be youtu.be
sleepl.ink sleepl.ink
socialbuzzzy.com
bloombergnewstoday.com
t.ly t.ly
shorturl.at shorturl.at
00-tv.com 00-tv.com

217904
resources/net.contactspam/bannedips.txt
View File

File diff suppressed because it is too large Load Diff

3
resources/net.contactspam/bannedwords.txt
View File

@ -75,4 +75,5 @@ overflow of customers
google listing google listing
website on google website on google
issues with your website issues with your website
exciting opportunity exciting opportunity
ai tools

48278
resources/net.contactspam/toxic_domains_whole.txt Normal file
View File

File diff suppressed because it is too large Load Diff

4
resources/net.contactspam/toxic_ip_cidr.txt
View File

@ -5,6 +5,7 @@
109.200.8.0/21 109.200.8.0/21
109.200.16.0/20 109.200.16.0/20
146.185.223.0/24 146.185.223.0/24
162.55.21.16/28
174.76.30.11/32 174.76.30.11/32
174.76.30.12/30 174.76.30.12/30
174.76.30.16/28 174.76.30.16/28
@ -19,6 +20,7 @@
193.201.224.0/24 193.201.224.0/24
194.26.29.0/24 194.26.29.0/24
212.129.0.0/18 212.129.0.0/18
216.131.114.0/24
23.106.192.0/20 23.106.192.0/20
23.106.208.0/21 23.106.208.0/21
23.106.216.0/22 23.106.216.0/22
@ -35,8 +37,10 @@
23.106.64.0/19 23.106.64.0/19
23.19.0.0/16 23.19.0.0/16
46.118.115.0/24 46.118.115.0/24
46.161.11.0/24
46.161.9.0/24 46.161.9.0/24
5.188.210.0/23 5.188.210.0/23
5.188.48.0/24
5.9.182.96/28 5.9.182.96/28
91.200.12.0/22 91.200.12.0/22
91.210.104.0/22 91.210.104.0/22

21
resources/net.contactspam/updatebannediplist.php
View File

@ -1,22 +1,19 @@
<?php <?php
echo "Downloading...\n"; echo "Downloading...\n";
file_put_contents(__DIR__ . "/bannedips.zip", file_get_contents("https://www.stopforumspam.com/downloads/bannedips.zip")); file_put_contents(__DIR__ . "/bannedips.zip", file_get_contents("https://www.stopforumspam.com/downloads/listed_ip_7_ipv46.zip"));
file_put_contents(__DIR__ . "/toxic_ip_cidr.txt", file_get_contents("https://www.stopforumspam.com/downloads/toxic_ip_cidr.txt")); file_put_contents(__DIR__ . "/toxic_ip_cidr.txt", file_get_contents("https://www.stopforumspam.com/downloads/toxic_ip_cidr.txt"));
file_put_contents(__DIR__ . "/toxic_domains_whole.txt", file_get_contents("https://www.stopforumspam.com/downloads/toxic_domains_whole.txt"));
$zip = new ZipArchive; $zip = new ZipArchive;
$res = $zip->open(__DIR__ . "/bannedips.zip"); $res = $zip->open(__DIR__ . "/bannedips.zip");
if ($res === TRUE) { if ($res === TRUE) {
$zip->extractTo(__DIR__ . "/"); $zip->extractTo(__DIR__ . "/");
$zip->close(); $zip->close();
echo 'Unzipped.'; unlink(__DIR__ . "/bannedips.zip");
rename(__DIR__ . "/listed_ip_7_ipv46.txt", __DIR__ . "/bannedips.txt");
echo "Unzipped.\n";
} else { } else {
echo 'Unzip failed.'; echo "Unzip failed.\n";
} }
unlink(__DIR__ . "/bannedips.zip"); echo "Done.\n";
$csv = file_get_contents(__DIR__ . "/bannedips.csv");
$ips = explode(",", $csv);
file_put_contents("bannedips.txt", implode("\n", $ips));
echo "\nConverted.\n";
unlink(__DIR__ . "/bannedips.csv");