Hi,
Here's a little proof of concept which should do the right general thing.
If you put the groovy script at the top of your registration page, you can
edit the content of the page to behave differently if the user fails an RBL
check.
It would make sense to allow them in but lock the account and explain to them
that
they will be checked by an admin.
Ofc I know the feeling of just wanting to use the big hammer myself.
Caleb
{{groovy}}
import java.net.InetAddress;
def rbls = ['.dnsbl.tornevall.org'];
String[] bytes = request.getRemoteAddr().split("\\.");
// Test
//String[] bytes = ['111','243','227','227'];
String reversed = bytes[3] + "." + bytes[2] + "." + bytes[1] + "." + bytes[0];
def failedRbls = [];
for (String rbl : rbls) {
try {
InetAddress.getByName(reversed + rbl);
failedRbls.add(rbl);
} catch (UnknownHostException e) {
// expected
}
}
xcontext.get("vcontext").put("failedRbls", failedRbls);
{{/groovy}}
{{velocity}}
$failedRbls
{{/velocity}}
On 06/09/2012 05:16 PM, Niels Mayer wrote:
> This is either a feature request or a request for discussing
> solutions to the issue of known comment spammers against XWiki
> installs.
>
> There's known spammers like [email protected] (see
> http://www.nielsmayer.com/bin/view/XWiki/DavyCrokkett ) which have to
> be managed and curtailed for any XWiki install enabling comments.
>
> During registration, it would it be nice to check sites like
> http://www.stopforumspam.com/ and prevent registration emails from
> going out to known comment spammers.
>
> For example, the aforementioned spammer is listed at
> http://www.stopforumspam.com/ipcheck/111.243.227.227
> suggesting Current country of origin: Taiwan, Province of China
>
> Date IP Address Username Email
> 1-Jul-11 07:31 111.243.227.227 coseteene
> [email protected]
> 30-Jun-11 18:29 111.243.227.227 Assusypesound
> [email protected]
> 30-Jun-11 13:43 111.243.227.227 Impuppota
> [email protected]
> 30-Jun-11 11:22 111.243.227.227 Biordaccoma
> [email protected]
> 30-Jun-11 07:01 111.243.227.227 rooviskitte
> [email protected]
> 29-Jun-11 23:59 109.230.222.175 Beethyemegree
> [email protected]
> 29-Jun-11 22:49 111.243.227.227 Kneefshes
> [email protected]
> 29-Jun-11 13:59 111.243.227.227 seltencarne
> [email protected]
> 29-Jun-11 13:31 111.243.227.227 inigneedync
> [email protected]
> 29-Jun-11 11:50 174.142.132.203 Beethyemegree
> [email protected]
> 29-Jun-11 11:50 174.142.132.203 phorilmiplism
> [email protected]
> 29-Jun-11 07:53 111.243.227.227 Agergeevame
> [email protected]
> 29-Jun-11 05:56 111.243.227.227 Atomnegmess
> [email protected]
> 29-Jun-11 05:50 111.243.227.227 Impuppota
> [email protected]
>
> It would also be interesting for such flagged users to return a list
> of associated IP's (such as above) which could be blacklisted as well.
>
> I guess the correct solution would be to use
> http://extensions.xwiki.org/xwiki/bin/view/Extension/Social+Login but
> then the spammers would just end up getting twitter, facebook or
> foursquare logins and use those instead of hotmail accounts.
>
> -- Niels
> http://www.nielsmayer.com
> _______________________________________________
> users mailing list
> [email protected]
> http://lists.xwiki.org/mailman/listinfo/users
>
_______________________________________________
users mailing list
[email protected]
http://lists.xwiki.org/mailman/listinfo/users
