Update contact form spam detection

2025-12-14 16:47:02 -07:00 · 2025-12-14 16:47:02 -07:00 · 8a18007fd9
commit 8a18007fd9
parent 4229a10956
9 changed files with 31868 additions and 36777 deletions
--- a/endpoints/net.contactspam.php
+++ b/endpoints/net.contactspam.php
@ -8,7 +8,9 @@ const BANNED_WORDLIST = __DIR__ . "/../resources/net.contactspam/bannedwords.txt
 // Banned email domain check, one domain per line, useful if you get lots of spam from
 // a domain your customers probably won't legitimately use
 const BANNED_EMAIL_DOMAINS = __DIR__ . "/../resources/net.contactspam/banneddomains.txt";
+const BANNED_REFERRALSPAM_DOMAINS = __DIR__ . "/../resources/net.contactspam/matomoreferralspamdomains.txt";
 const BANNED_SPAM_DOMAINS = __DIR__ . "/../resources/net.contactspam/toxic_domains_whole.txt";
+const BANNED_SPAM_DOMAINS_PARTIAL = __DIR__ . "/../resources/net.contactspam/toxic_domains_partial.txt";
 const BANNED_IP_LIST = __DIR__ . "/../resources/net.contactspam/bannedips.txt";
 const BANNED_IP_CIDR = __DIR__ . "/../resources/net.contactspam/toxic_ip_cidr.txt";
 // Domains to skip looking up for SURBL
@ -39,7 +41,9 @@ if (isset($VARS["message"])) {
 //
 // Check email domain
 //
-$banneddomainlist = file(BANNED_EMAIL_DOMAINS, FILE_IGNORE_NEW_LINES);
+$banneddomainlist1 = file(BANNED_EMAIL_DOMAINS, FILE_IGNORE_NEW_LINES);
+$banneddomainlist2 = file(BANNED_REFERRALSPAM_DOMAINS, FILE_IGNORE_NEW_LINES);
+$banneddomainlist = array_merge($banneddomainlist1, $banneddomainlist2);
 foreach ($banneddomainlist as $domain) {
    if ($email_domain == $domain) {
        exitWithJson(["status" => "OK", "clean" => false, "filter" => "domain", "hit" => $domain, "message" => "Emails from \"" . htmlspecialchars($domain) . "\" are not allowed because of spam/abuse." . ($domain == "googlemail.com" ? "  (Hint: use gmail.com instead)" : "")]);
@ -144,6 +148,7 @@ $lists = [
    "black.uribl.com"
 ];
 $bannedspamdomains = file(BANNED_SPAM_DOMAINS, FILE_IGNORE_NEW_LINES);
+$bannedpartialdomains = file(BANNED_SPAM_DOMAINS_PARTIAL, FILE_IGNORE_NEW_LINES);
 try {
    // Matches domain names
    $regex = "/([a-zA-Z0-9][a-zA-Z0-9-]{1,61}[a-zA-Z0-9](?:\.[a-zA-Z]{2,})+)/i";
@ -177,7 +182,13 @@ try {
                exitWithJson(["status" => "OK", "clean" => false, "filter" => "stopforumspam_domains", "hit" => $word, "message" => "Your message contains a domain ($d) that has been linked to recent spam. Message not sent."]);
            }
        }
+        foreach ($bannedpartialdomains as $word) {
+            if (str_contains($d, $word)) {
+                exitWithJson(["status" => "OK", "clean" => false, "filter" => "stopforumspam_domains_partial", "hit" => $word, "message" => "Your message contains a domain ($d) that has been linked to recent spam. Message not sent."]);
+            }
+        }
    }
+
    // do online searches only after we've checked the local lists
    foreach ($domainlist as $d) {
        // check online blacklists
--- a/resources/net.contactspam/banneddomains.txt
+++ b/resources/net.contactspam/banneddomains.txt
--- a/resources/net.contactspam/bannedips.txt
+++ b/resources/net.contactspam/bannedips.txt
--- a/resources/net.contactspam/bannedwords.txt
+++ b/resources/net.contactspam/bannedwords.txt
@ -86,3 +86,6 @@ potential long-term partnership
 currently seeking companies
 share your product offerings
 whatsapp
+virtual assistant
+automated emails
+dog harness
--- a/resources/net.contactspam/matomoreferralspamdomains.txt
+++ b/resources/net.contactspam/matomoreferralspamdomains.txt
--- a/resources/net.contactspam/toxic_domains_partial.txt
+++ b/resources/net.contactspam/toxic_domains_partial.txt
--- a/resources/net.contactspam/toxic_domains_whole.txt
+++ b/resources/net.contactspam/toxic_domains_whole.txt
--- a/resources/net.contactspam/toxic_ip_cidr.txt
+++ b/resources/net.contactspam/toxic_ip_cidr.txt
@ -15,6 +15,7 @@
 174.76.30.70/32
 176.227.192.0/19
 178.159.37.0/24
+185.177.72.0/24
 188.143.232.0/23
 188.143.234.0/24
 193.201.224.0/24
@ -47,5 +48,6 @@
 5.9.182.96/28
 91.200.12.0/22
 91.210.104.0/22
+91.211.90.0/24
 95.137.147.0/28
 95.137.147.16/32
--- a/resources/net.contactspam/updatebannediplist.php
+++ b/resources/net.contactspam/updatebannediplist.php
@ -4,6 +4,8 @@ echo "Downloading...\n";
 file_put_contents(__DIR__ . "/bannedips.zip", file_get_contents("https://www.stopforumspam.com/downloads/listed_ip_7_ipv46.zip"));
 file_put_contents(__DIR__ . "/toxic_ip_cidr.txt", file_get_contents("https://www.stopforumspam.com/downloads/toxic_ip_cidr.txt"));
 file_put_contents(__DIR__ . "/toxic_domains_whole.txt", file_get_contents("https://www.stopforumspam.com/downloads/toxic_domains_whole.txt"));
+file_put_contents(__DIR__ . "/toxic_domains_partial.txt", file_get_contents("https://www.stopforumspam.com/downloads/toxic_domains_partial.txt"));
+file_put_contents(__DIR__ . "/matomoreferralspamdomains.txt", file_get_contents("https://raw.githubusercontent.com/matomo-org/referrer-spam-list/refs/heads/master/spammers.txt"));

 $zip = new ZipArchive;
 $res = $zip->open(__DIR__ . "/bannedips.zip");