Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Best DNSBL List


  • Please log in to reply
4 replies to this topic

#1 Romeo29

Romeo29

    Learning To Bleep


  • Members
  • 3,194 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:127.0.0.1
  • Local time:03:26 AM

Posted 24 April 2010 - 11:39 AM

Hi,

I wanted to block IP addresses from commenting on as site using a DNSBL list.
What is the best DNSBL list in terms of the accuracy and the response time ?
Presently I have found the SORBS list to be very fast, but I am not sure about the accuracy.
Thanks.

BC AdBot (Login to Remove)

 


#2 meuchel

meuchel

  • Members
  • 275 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:03:26 AM

Posted 25 April 2010 - 10:49 PM

i use spamhaus and sorbs.
both are pretty reliable with not many false positives.
i would stay away from barracuda as it seems to trap a lot more than it should.

#3 Andrew

Andrew

    Bleepin' Night Watchman


  • Moderator
  • 8,260 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Right behind you
  • Local time:01:26 AM

Posted 26 April 2010 - 02:09 AM

This is something I whipped together. It's not pretty and it may not be what you're looking for, but here it is anyway:


<?php
class Logging{
//This part is optional, it logs every IP that is blocked.

	// define log file
	private $log_file = '/path/to/log/spamBlock.log';
	// define file pointer
	private $fp = null;
	// write message to the log file
	public function lwrite($message){
		// if file pointer doesn't exist, then open log file
		if (!$this->fp) $this->lopen();
		fwrite($this->fp, "$message\n");
	}
	// open log file
	private function lopen(){
		$lfile = $this->log_file;
		$this->fp = fopen($lfile, 'a') or exit("Can't open $lfile!");
	}
}

//In this case, I'm using the StopForumSpam list of bad IP's
$stopSpamUrl = 'http://www.stopforumspam.com/api';

//Get the user's IP
//$ip=@$REMOTE_ADDR; //Use if register_globals is ON
$ip = $_SERVER['REMOTE_ADDR']; //Use if register_globals is OFF

//Ask StopForumSpam about the IP address, returns XML
$cUrl = $stopSpamUrl.'?ip='.$ip;
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $cUrl);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$xml = curl_exec($ch);
if (!$xml) echo "exit";
$response = simplexml_load_string($xml);
$responseAtt = $response->attributes();

$spammer = False;  //instantiate boolean as false

if ($response->appears = 'yes') { //if the IP is on the list
	if ($response->frequency >= '2') $spammer = True;  //if it's on the list two or more times
}
if ($responseAtt['success'] != 'true') $spammer = False;   //they're a spammer

if ($spammer == False) {
	include 'realPage.php';  //if they're not a spammer, then display the actual page they asked for, in this example called realPage.php
} else {  //Otherwise show the spammer an error message:
echo "<title>Access Denied</title>";
echo "</head>";
echo "<body bgcolor=\"#64748B\">";
echo "<p>&nbsp;</p>";
echo "<table width=\"918\" border=\"0\" align=\"center\">";
echo "<tr>";
echo "	<td width=\"156\" rowspan=\"4\"></td>";
echo "	<td>Error: Your IP:<b> " . $ip . "</b> is reported as malicious! </td>";
echo "  </tr>";
echo "  <tr>";
echo "	<td width=\"903\" bgcolor=\"#FFFFFF\"><ol>";
echo "		<p><strong>Your computer's IP address has been reported as malicious by StopForumSpam.com. </strong></p>";
echo "		<p>You may receive this message if you are connecting through an <a href=\"http://en.wikipedia.org/wiki/Open_proxy\" target=\"_blank\">open or anonymous 
proxy</a> service.</p>";
echo "		<p><strong>Click <a href=\"http://www.stopforumspam.com/removal\">here</a> to request a review of your IP.<br />";
echo "					  </strong></p>";
echo "	</ol>";
echo "	  </p>	</td>";
echo "  </tr>";
echo "  <tr>";
echo "	<td bgcolor=\"#FFFFFF\"><div align=\"center\">Go Away, spammer!</div></td>";
echo "  </tr>";
echo "  <tr>";
echo "	<td bgcolor=\"#999999\">&nbsp;</td>";
echo "  </tr>";
echo "</table>";

// Logging class initialization
$log = new Logging();
// write message to the log file
$day = `date`;
$log->lwrite('Spammer at ' . $ip . ' denied access on ' . $day);

}
http://www.boredomsoft.org/hosted/spammuh.txt

Edited by Andrew, 26 April 2010 - 12:16 PM.


#4 Romeo29

Romeo29

    Learning To Bleep

  • Topic Starter

  • Members
  • 3,194 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:127.0.0.1
  • Local time:03:26 AM

Posted 26 April 2010 - 08:13 AM

Thank you meuchel :flowers: I like SpamHaus.

Well Andrew, I have my own script for DNSBL checking but thank you for putting together this code :trumpet: I like the part for logging the spammer attempts. I am going to steal your code and use it in my own script :thumbsup:

#5 Andrew

Andrew

    Bleepin' Night Watchman


  • Moderator
  • 8,260 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Right behind you
  • Local time:01:26 AM

Posted 26 April 2010 - 08:14 AM

:thumbsup:

Truth be known, I use this myself already. It's by no means perfect and probably is poorly written (I'm no PHP person) but it suit my needs.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users