Michael Morris
02-20-2005, 10:00 PM
Spam. You know what it is. You hate it. If you don't, you're not normal.
Comment spam. A rising plague. The bastards have destroyed USENET, made Email all but worthless and now they're setting their sights on blogs and messageboards. This hack is a way to fight back.
Spam Killer is designed to work with the MT Blacklist (http://www.jayallen.org/comment_spam/), a list of sites known to be the sourcepoint of spam. The program offered there is made for the blog program Moveable Type. This hack reads the Blacklist intended for that program and applies it to vbulletin.
Like most blacklist schemes, this needs to be constantly updated to be most effective. It also doesn't hurt that when spam does leak through if you add the URL's the spammers left behind to your own black list in case they try again. Of the many things they can spoof after all, their website's DNS is the most difficult (not impossible, but difficult). Further, most of the bush-league spammers that manually attack vbulletin boards don't have the expertise necessary to spoof a DNS (many of the fools can't properly spoof an IP).
Interested? Good. This hack is functional, but I'm putting it here in beta because it isn't as extensively tested as I'd like. For one, an installer would be useful - I haven't written one yet. For another, it would be nice if the system could auto-update, but I haven't been able to get into contact with Mr. Allen - coordinator of the MT-Blacklist project. Ideally the finished program would maintain both a master and a local blacklist and submit items from the local blacklist to the MT Blacklist project site for possible inclusion.
This beta isn't recommended for folks with no PHP experience. That said, let us begin with the install instructions.
Step 1: Download the Blacklist
http://www.jayallen.org/comment_spam/blacklist.txt
Step 2: Download the Spamkill extension
That file is attached to this thread. It goes to your forums/includes/ directory.
Step 4: Create a "System User"
If you have an RSS post account that'll work. The user needs to be distinct. Bans will be filed under this user's user name in the moderation logs.
Step 5: Adjust Settings
Open the spamkiller file and find the following code:
// settings
$systemuserid = 2;
$systemusername = 'Messageboard Golem';
$banusergroup = 8;
$reportforumid = 4; // Live site is 114
These items are in order
$systemuserid: User id of the account you created in Step 4.
$systemusername: User Name of the account you created in Step 4.
$banusergroup: The usergroup of your banned users.
$reportforumid: Your Staff forum. If you use Xenon's Reported Posts go in special forum (https://vborg.vbsupport.ru/showthread.php?threadid=61363) hack you can use the same forum id.
Step 6: Create no spam phrase
Create a new Front-End Error message titled No Spam. This is the text I used:
The system has ascertained that the message you submitted contained spam. As a result your account will be locked and the message will be discarded. A copy of the message has been sent to the administrators. If this lock was applied in error your account will be restored shortly.
Step 7: Create mtblacklist template
Create a template named mtblacklist. Paste the contents of the MT Blacklist file you downloaded in step 1 to this new template. At the end of the list you can add the URL's of spammers who've visited your boards in the past. There's no harm in duplication (known).
Step 8: Create Spam Alert template
Create a template called spam_alert. Here's it's contents:
The system has ascertained that the following message is probably spam based on the URL's it contains:
]
$newpost[message]
Step 9: Hack newthread.php and newreply.php
In both these files you'll see this code:
// moderation options
$newpost['stickunstick'] = $_POST['stickunstick'];
$newpost['openclose'] = $_POST['openclose'];
Below it add:
if ($bbuserinfo['posts'] < 20)
{
require('./includes/functions_spamkill.php');
}
You can adjust the conditional above as desired. The above cuts your established users (and your processor) a break by only scanning new posters.
Find this code (near the top)
$globaltemplates = array(
'newpost_attachment',
Insert below it
'mtblacklist',
'spam_alert',
And you're done. Again This is beta software. While I believe it is stable, not all bugs have been borne out and some functionality help would be appreciated.
Comment spam. A rising plague. The bastards have destroyed USENET, made Email all but worthless and now they're setting their sights on blogs and messageboards. This hack is a way to fight back.
Spam Killer is designed to work with the MT Blacklist (http://www.jayallen.org/comment_spam/), a list of sites known to be the sourcepoint of spam. The program offered there is made for the blog program Moveable Type. This hack reads the Blacklist intended for that program and applies it to vbulletin.
Like most blacklist schemes, this needs to be constantly updated to be most effective. It also doesn't hurt that when spam does leak through if you add the URL's the spammers left behind to your own black list in case they try again. Of the many things they can spoof after all, their website's DNS is the most difficult (not impossible, but difficult). Further, most of the bush-league spammers that manually attack vbulletin boards don't have the expertise necessary to spoof a DNS (many of the fools can't properly spoof an IP).
Interested? Good. This hack is functional, but I'm putting it here in beta because it isn't as extensively tested as I'd like. For one, an installer would be useful - I haven't written one yet. For another, it would be nice if the system could auto-update, but I haven't been able to get into contact with Mr. Allen - coordinator of the MT-Blacklist project. Ideally the finished program would maintain both a master and a local blacklist and submit items from the local blacklist to the MT Blacklist project site for possible inclusion.
This beta isn't recommended for folks with no PHP experience. That said, let us begin with the install instructions.
Step 1: Download the Blacklist
http://www.jayallen.org/comment_spam/blacklist.txt
Step 2: Download the Spamkill extension
That file is attached to this thread. It goes to your forums/includes/ directory.
Step 4: Create a "System User"
If you have an RSS post account that'll work. The user needs to be distinct. Bans will be filed under this user's user name in the moderation logs.
Step 5: Adjust Settings
Open the spamkiller file and find the following code:
// settings
$systemuserid = 2;
$systemusername = 'Messageboard Golem';
$banusergroup = 8;
$reportforumid = 4; // Live site is 114
These items are in order
$systemuserid: User id of the account you created in Step 4.
$systemusername: User Name of the account you created in Step 4.
$banusergroup: The usergroup of your banned users.
$reportforumid: Your Staff forum. If you use Xenon's Reported Posts go in special forum (https://vborg.vbsupport.ru/showthread.php?threadid=61363) hack you can use the same forum id.
Step 6: Create no spam phrase
Create a new Front-End Error message titled No Spam. This is the text I used:
The system has ascertained that the message you submitted contained spam. As a result your account will be locked and the message will be discarded. A copy of the message has been sent to the administrators. If this lock was applied in error your account will be restored shortly.
Step 7: Create mtblacklist template
Create a template named mtblacklist. Paste the contents of the MT Blacklist file you downloaded in step 1 to this new template. At the end of the list you can add the URL's of spammers who've visited your boards in the past. There's no harm in duplication (known).
Step 8: Create Spam Alert template
Create a template called spam_alert. Here's it's contents:
The system has ascertained that the following message is probably spam based on the URL's it contains:
]
$newpost[message]
Step 9: Hack newthread.php and newreply.php
In both these files you'll see this code:
// moderation options
$newpost['stickunstick'] = $_POST['stickunstick'];
$newpost['openclose'] = $_POST['openclose'];
Below it add:
if ($bbuserinfo['posts'] < 20)
{
require('./includes/functions_spamkill.php');
}
You can adjust the conditional above as desired. The above cuts your established users (and your processor) a break by only scanning new posters.
Find this code (near the top)
$globaltemplates = array(
'newpost_attachment',
Insert below it
'mtblacklist',
'spam_alert',
And you're done. Again This is beta software. While I believe it is stable, not all bugs have been borne out and some functionality help would be appreciated.