PDA

View Full Version : Spam Killer


Michael Morris
02-20-2005, 10:00 PM
Spam. You know what it is. You hate it. If you don't, you're not normal.

Comment spam. A rising plague. The bastards have destroyed USENET, made Email all but worthless and now they're setting their sights on blogs and messageboards. This hack is a way to fight back.

Spam Killer is designed to work with the MT Blacklist (http://www.jayallen.org/comment_spam/), a list of sites known to be the sourcepoint of spam. The program offered there is made for the blog program Moveable Type. This hack reads the Blacklist intended for that program and applies it to vbulletin.

Like most blacklist schemes, this needs to be constantly updated to be most effective. It also doesn't hurt that when spam does leak through if you add the URL's the spammers left behind to your own black list in case they try again. Of the many things they can spoof after all, their website's DNS is the most difficult (not impossible, but difficult). Further, most of the bush-league spammers that manually attack vbulletin boards don't have the expertise necessary to spoof a DNS (many of the fools can't properly spoof an IP).

Interested? Good. This hack is functional, but I'm putting it here in beta because it isn't as extensively tested as I'd like. For one, an installer would be useful - I haven't written one yet. For another, it would be nice if the system could auto-update, but I haven't been able to get into contact with Mr. Allen - coordinator of the MT-Blacklist project. Ideally the finished program would maintain both a master and a local blacklist and submit items from the local blacklist to the MT Blacklist project site for possible inclusion.

This beta isn't recommended for folks with no PHP experience. That said, let us begin with the install instructions.

Step 1: Download the Blacklist
http://www.jayallen.org/comment_spam/blacklist.txt

Step 2: Download the Spamkill extension
That file is attached to this thread. It goes to your forums/includes/ directory.

Step 4: Create a "System User"
If you have an RSS post account that'll work. The user needs to be distinct. Bans will be filed under this user's user name in the moderation logs.

Step 5: Adjust Settings
Open the spamkiller file and find the following code:


// settings
$systemuserid = 2;
$systemusername = 'Messageboard Golem';
$banusergroup = 8;
$reportforumid = 4; // Live site is 114

These items are in order

$systemuserid: User id of the account you created in Step 4.
$systemusername: User Name of the account you created in Step 4.
$banusergroup: The usergroup of your banned users.
$reportforumid: Your Staff forum. If you use Xenon's Reported Posts go in special forum (https://vborg.vbsupport.ru/showthread.php?threadid=61363) hack you can use the same forum id.


Step 6: Create no spam phrase
Create a new Front-End Error message titled No Spam. This is the text I used:

The system has ascertained that the message you submitted contained spam. As a result your account will be locked and the message will be discarded. A copy of the message has been sent to the administrators. If this lock was applied in error your account will be restored shortly.

Step 7: Create mtblacklist template
Create a template named mtblacklist. Paste the contents of the MT Blacklist file you downloaded in step 1 to this new template. At the end of the list you can add the URL's of spammers who've visited your boards in the past. There's no harm in duplication (known).

Step 8: Create Spam Alert template
Create a template called spam_alert. Here's it's contents:

The system has ascertained that the following message is probably spam based on the URL's it contains:

]
$newpost[message]



Step 9: Hack newthread.php and newreply.php

In both these files you'll see this code:

// moderation options
$newpost['stickunstick'] = $_POST['stickunstick'];
$newpost['openclose'] = $_POST['openclose'];

Below it add:

if ($bbuserinfo['posts'] < 20)
{
require('./includes/functions_spamkill.php');
}

You can adjust the conditional above as desired. The above cuts your established users (and your processor) a break by only scanning new posters.

Find this code (near the top)
$globaltemplates = array(
'newpost_attachment',

Insert below it

'mtblacklist',
'spam_alert',

And you're done. Again This is beta software. While I believe it is stable, not all bugs have been borne out and some functionality help would be appreciated.

nexialys
02-21-2005, 11:19 AM
... template to store a list in text ?! why not simply put the file in the includes directory, so we can update it when a new list is out ?!

btw, this is a good innitiative... great i can say!

Michael Morris
02-21-2005, 11:35 AM
Because I don't own the rights to that file nor do I maintain it. It gets updated every few days. I could copy it to here, but that would be theft.

EDIT: Oops - didn't get what you meant the first time I read that text - now I do. Well, for one, I'm not that good with php file handling commands :sheepish grin: For another admins who don't have ftp access to the server can still update the template this way.

nexialys
02-21-2005, 12:10 PM
nobody will be able to install your hack anyway if they don't have ftp access, as they have to edit some files...

also, http://us2.php.net/manual/en/function.file-get-contents.php for the way to read a file... this function is used in many places inside vBulletin... you can take a look, it's simple...

Marco van Herwaarden
02-21-2005, 12:33 PM
Nice idea, maybe a nice addition was to put an abuser into a moderated usergroup instead of banning..

Hmm what i am talking now, i guess if you put a Moderated group as the "Banned group" it would already work like that, or not?

Michael Morris
02-21-2005, 05:28 PM
Yeah pretty much.

nexialys> I'm testing a means to get this hack to work through PHPINCULDE_START. That way it doesn't cause upgrade grief. I still intend to check that page though - would eliminate an uneccessary step and query.

TCM
03-18-2005, 07:49 PM
Much appreciated. Although I've never had any trouble with this on my boards yet, there seem to be more attacks recerntly than in the past, and this can only help. http://www.thecomputermutt.ca/boards/images/smilies/smile.gif

EDIT: I installed this hack, and it worked well, except for the following thing. The "Spam Alert" was done by the test account I was using, not by the new account I'd set up for this. It did the same thing after I changed some stuff to the following.
$reportpost = array(
'username' => 'Spam Killer',
'userid' => 165,
'title' => 'Spam Alert: ' . $newpost['title'],
'emailupdate' => 9999
);

'Spam Killer' being the test account, and 165 being his userid.

Michael Morris
03-23-2005, 02:44 AM
Yeah, I've seen that bug too. I decided just to leave it be for now. Perhaps at some point I'll get the time to work on this :(

TCM
03-27-2005, 05:44 PM
Yeah, I've seen that bug too. I decided just to leave it be for now. Perhaps at some point I'll get the time to work on this :(I don't think it's acctually a bug with your hack, the Reported Post Hack does the same thing for me.

It caught it's first real spammer today. Yay! :D

yoyoyoyo
08-17-2005, 03:52 AM
In the instructions it says: Create a new Front-End Error message titled No Spam.Well, since error messages can't be named that way, what is the proper name?

I looked through the code and saw this:
eval(print_standard_error('error_nospam'));
is the real varname supposed to be "error_nospam"?