Announce: WordPress/SpamAssassin integration

  • I’ve integrated SpamAssassin with WordPress to moderate suspicious comments. More than a list of bad words and domains or set of regular expressions, wordpress-spam-moderator leverages the content and network tests of SpamAssassin, especially the SURBL domain blacklist (www.surbl.org).
    The code is documented and slightly tested. See http://www.cynistar.net/~apthorpe/code/babycart/ especially Blog-SpamAssassin-1.3.tar.gz and wordpress-spam-moderator.tgz.
    You should be comfortable installing perl modules (not necessarily in the system tree); SpamAssassin knowledge is a plus but not mandatory.

Viewing 3 replies - 1 through 3 (of 3 total)
  • Sounds great. Out of curiosity: is there significant overlap between IPs that send email spam and those that send comment spam?

    Thread Starter apthorpe

    (@apthorpe)

    I have no idea, though it’s important not to score comments that come from dynamically-allocated netblocks (e.g. dialup, broadband.) We expect legitimate web traffic from those networks but no legitimate mail traffic since dynamic users should be submitting mail through their ISP’s mailserver.
    Open proxies are a big problem regardless of the services they proxy. The IRC networks were blocking open proxies for years before anyone thought to refuse mail from them. I’d assert that any system running an open proxy is not under its owner’s control (or the owner is not responsible), so rejecting all traffic from those systems is a defensible security measure. But that’s me.
    I don’t see enough traffic to get any really decent data but the info’s there if you want to do something with it (IP address, score, rules hit.)
    The big win out of all this is SURBL checks. Initially I just wanted to extract domains from links and check those against SURBL. This is not trivial due to 2nd and 3rd-level TLDs (example: bbc.co.uk is a domain, co.uk is not) and redirector services (Google, Yahoo.)
    So rather than reinvent the wheel badly, I treated the comment as a message body, wrapped it in fake-but-believable mail headers and fed it to SpamAssassin. And since people were spamming via metadata (subject, sender’s URL, etc.) it made sense to analyze the metadata as well as the content. I’m surprised at how well it worked out, given the code is about 72 hours old; there’s definite need for testing, tuning, and improvement.
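
The approach described in the reply above (wrap the comment and its metadata in mail headers, hand it to SpamAssassin, keep the score and rules hit), as an added Python example; it is not code from wordpress-spam-moderator or Blog-SpamAssassin. The dict field names, the `X-Comment-Author-IP` header, the recipient address and the sample `X-Spam-Status` value are assumptions made for the example, and `score_comment` assumes a local `spamassassin` command that emits the 3.x `score=` header format.

```python
import re
import subprocess
from email import message_from_bytes
from email.message import EmailMessage
from email.utils import formataddr, formatdate

def _one_line(value: str) -> str:
    # Comment fields are attacker-controlled: collapse CR/LF and other control
    # characters so a field cannot inject extra mail headers.
    return re.sub(r"[\x00-\x1f\x7f]+", " ", value).strip()

def comment_to_message(c: dict) -> EmailMessage:
    """Wrap a blog comment in mail headers so SpamAssassin can score it."""
    msg = EmailMessage()
    addr = _one_line(c["email"]).encode("ascii", "replace").decode()
    msg["From"] = formataddr((_one_line(c["author"]), addr))
    msg["To"] = "moderation@blog.invalid"  # placeholder recipient
    msg["Subject"] = _one_line(c["subject"])
    msg["Date"] = formatdate()
    # Hypothetical header name: keeps the client IP for logging. It is not a
    # Received line, so it is not presented to SpamAssassin as a mail relay.
    msg["X-Comment-Author-IP"] = _one_line(c["ip"])
    # The author's URL goes into the body so URI rules such as SURBL see it.
    msg.set_content(f"Author URL: {c['url']}\n\n{c['content']}\n")
    return msg

def parse_status(value: str) -> dict:
    """Extract verdict, score and rules hit from an X-Spam-Status value."""
    flat = " ".join(value.split())  # undo header folding
    m = re.match(r"(Yes|No), score=(-?[\d.]+) required=(-?[\d.]+) "
                 r"tests=(.*?)(?: \w+=|$)", flat)
    if not m:
        raise ValueError("unrecognised X-Spam-Status header")
    rules = [r.strip() for r in m.group(4).split(",")
             if r.strip() not in ("", "none")]
    return {"spam": m.group(1) == "Yes", "score": float(m.group(2)),
            "required": float(m.group(3)), "rules": rules}

def score_comment(c: dict) -> dict:
    """Pipe the wrapped comment through a locally installed spamassassin."""
    out = subprocess.run(["spamassassin"], input=comment_to_message(c).as_bytes(),
                         capture_output=True, check=True).stdout
    return parse_status(message_from_bytes(out)["X-Spam-Status"])

# Constructed sample of the header SpamAssassin adds (not real output).
SAMPLE_STATUS = ("Yes, score=7.4 required=5.0 tests=URIBL_BLACK,\n"
                 "\tURIBL_ABUSE_SURBL autolearn=no version=3.4.6")
```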

    This is just what I need. Recently, I got about 40 spam on casino all of a sudden 🙁

  • The topic ‘Announce: WordPress/SpamAssassin integration’ is closed to new replies.