@ -7,7 +7,8 @@ const MSG_MIN_WORDS = 5;
const BANNED_WORDLIST = __DIR__ . "/../resources/net.contactspam/bannedwords.txt";
// Banned email domain check, one domain per line, useful if you get lots of spam from
// a domain your customers probably won't legitimately use
const BANNED_DOMAINS = __DIR__ . "/../resources/net.contactspam/banneddomains.txt";
const BANNED_EMAIL_DOMAINS = __DIR__ . "/../resources/net.contactspam/banneddomains.txt";
const BANNED_SPAM_DOMAINS = __DIR__ . "/../resources/net.contactspam/toxic_domains_whole.txt";
const BANNED_IP_LIST = __DIR__ . "/../resources/net.contactspam/bannedips.txt";
const BANNED_IP_CIDR = __DIR__ . "/../resources/net.contactspam/toxic_ip_cidr.txt";
// Domains to skip looking up for SURBL
@ -38,7 +39,7 @@ if (isset($VARS["message"])) {
//
// Check email domain
//
$banneddomainlist = file(BANNED_DOMAINS, FILE_IGNORE_NEW_LINES);
$banneddomainlist = file(BANNED_EMAIL_ DOMAINS, FILE_IGNORE_NEW_LINES);
foreach ($banneddomainlist as $domain) {
if ($email_domain == $domain) {
exitWithJson(["status" => "OK", "clean" => false, "filter" => "domain", "hit" => $domain, "message" => "Emails from \"" . htmlspecialchars($domain) . "\" are not allowed because of spam/abuse." . ($domain == "googlemail.com" ? " (Hint: use gmail.com instead)" : "")]);
@ -92,7 +93,7 @@ if (filter_var($clientip, FILTER_VALIDATE_IP, [FILTER_FLAG_IPV4])) {
$bannedipcidrlist = file(BANNED_IP_CIDR, FILE_IGNORE_NEW_LINES);
foreach ($bannedipcidrlist as $cidr) {
if (cidr_match($clientip, $cidr)) {
exitWithJson(["status" => "OK", "clean" => false, "filter" => "toxic_ip_cidr", "hit" => $clientip, "message" => "Your computer's IP address is on a spam blacklist."]);
exitWithJson(["status" => "OK", "clean" => false, "filter" => "stopforumspam_ toxic_ip_cidr", "hit" => $clientip, "message" => "Your computer's IP address is on a spam blacklist."]);
}
}
}
@ -100,11 +101,11 @@ if (filter_var($clientip, FILTER_VALIDATE_IP, [FILTER_FLAG_IPV4])) {
//
// Lookup reported client IP address against stopforumspam.com full IP list
//
if (filter_var($clientip, FILTER_VALIDATE_IP, [FILTER_FLAG_IPV4] )) {
if (filter_var($clientip, FILTER_VALIDATE_IP)) {
$bannediplist = file(BANNED_IP_LIST, FILE_IGNORE_NEW_LINES);
foreach ($bannediplist as $ip) {
if ($clientip == $ip) {
exitWithJson(["status" => "OK", "clean" => false, "filter" => "banned_ip", "hit" => $clientip, "message" => "Your computer's IP address is blacklisted for sending spam."]);
exitWithJson(["status" => "OK", "clean" => false, "filter" => "stopforumspam_ banned_ip", "hit" => $clientip, "message" => "Your computer's IP address is blacklisted for sending spam."]);
}
}
}
@ -142,6 +143,7 @@ $lists = [
"dbl.spamhaus.org",
"black.uribl.com"
];
$bannedspamdomains = file(BANNED_SPAM_DOMAINS, FILE_IGNORE_NEW_LINES);
try {
// Matches domain names
$regex = "/([a-zA-Z0-9][a-zA-Z0-9-]{1,61}[a-zA-Z0-9](?:\.[a-zA-Z]{2,})+)/i";
@ -166,10 +168,17 @@ try {
foreach ($domainlist as $d) {
// check local domain blacklist
foreach ($bannedspamdomains as $word) {
if ($word == $d) {
exitWithJson(["status" => "OK", "clean" => false, "filter" => "stopforumspam_domains", "hit" => $word, "message" => "Your message contains a domain ($d) that has been linked to recent spam or criminal activity. Message not sent."]);
}
}
// check online blacklists
foreach ($lists as $blacklist) {
$url = "$d.$blacklist";
// Cache IPs so we don't do a DNS lookup each time
// Cache result so we don't do a DNS lookup each time
$cacheresp = $memcache->get("net.contactspam.$url");
if ($cacheresp !== false) {
$dns_result = $cacheresp;
@ -189,6 +198,7 @@ try {
// Check local spammer database
if (env("require_database")) {
try {
if (!empty($clientip)) {
if ($database->has("net_contactspam_spammers", ["ip" => $clientip])) {
exitWithJson(["status" => "OK", "clean" => false, "filter" => "netsyms_ip_blacklist", "hit" => $clientip, "message" => "A computer at your IP address has sent spam in the past. Your message has been blocked."]);
@ -199,6 +209,9 @@ if (env("require_database")) {
exitWithJson(["status" => "OK", "clean" => false, "filter" => "netsyms_email_blacklist", "hit" => $email_lower, "message" => "Someone put your email as the from address on a spam message. Your message has been blocked."]);
}
}
} catch (Exception $ex) {
// skip
}
}
//