<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
Neil Herber wrote:
<blockquote cite="mid7.0.0.16.0.20060328171514.03fadeb8@eton.ca"
type="cite">I do make use of IP blocklists for my mail server, but
email spammers are a different kind of animal from wiki spammers. I
would be very reluctant to use any IP-based list for detecting wiki
spam because the IP in question is the IP of a browser, not of a
supposed mail server.
<br>
</blockquote>
<br>
The black list I was referring to (web.dnsbl.sorbs.net) is described as
follows:<br>
<blockquote>List of web (WWW) servers which have spammer abusable
vulnerabilities (e.g. FormMail scripts) Note: This zone now includes
non-webserver IP addresses that have abusable vulnerabilities.<br>
</blockquote>
It seems that the vast majority of the bots I'm being bitten by are
running on machines already identified as being abusable machines
(probably a bot net).<br>
<br>
<blockquote cite="mid7.0.0.16.0.20060328171514.03fadeb8@eton.ca"
type="cite">However, there is a different kind of list (which I also
use on my mail server) used to check URIs in the message body:
<br>
<a class="moz-txt-link-freetext" href="http://www.surbl.org/">http://www.surbl.org/</a>
<br>
It is very effective in a mail server environment, but I am not sure
how well it would work in a PmWiki script, because there is a lot of
preprocessing followed by a DNS lookup. Implementation details are on
the SURBL site.
<br>
</blockquote>
<br>
I haven't looked too closely at surbl, but I will. Thanks for the
heads up! The code to do the lookup I'm considering actually isn't too
bad. Here is what I used:<br>
<br>
$lookup = implode('.', array_reverse(explode('.',
$_SERVER['REMOTE_ADDR']))) . '.' . 'web.dnsbl.sorbs.net';<br>
if (gethostbyname($lookup) == "127.0.0.7" )<br>
return( "IP Blocked by sorbs.net" );<br>
<br>
</body>
</html>