You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by dny <ma...@gmail.com> on 2006/04/08 09:42:42 UTC
apache httpd + spam assassin = web without spam?
nowadays, spammer not only goes to mail.
they now also spamming blog comments, wiki, guestbook, etc....
is there a way to setup apache to use spam assassin rule?
so that apache will check first (dnsbl or some other way) if the
posted content is spam or not?
or, perhaps only let those spammers to read our web (is it http get?)
and block them from posting anything in our web (http post?)
any way??
rgds,
dny
--
... but that which cometh out of the mouth,
this defileth a man. Mat 15:11
Re: apache httpd + spam assassin = web without spam?
Posted by Magnus Holmgren <ho...@lysator.liu.se>.
Saturday 08 April 2006 12:43 skrev Benny Pedersen:
> > nowadays, spammer not only goes to mail. they now also spamming blog
> > comments, wiki, guestbook, etc....
>
> speak is free :-)
>
> > is there a way to setup apache to use spam assassin rule? so that apache
> > will check first (dnsbl or some other way) if the posted content is spam
> > or not?
>
> overkill, what the sites neds is userlogins and password then it will stop
> real fast with spam
I don't like to sign up and keep track of accounts for 4711 different blogs
and forums where I might post one comment ever. It's so much easier when you
can just type your comment and hit Submit.
Single sign-on systems like Liberty Alliance and Passport.net is a way to go,
but those are not for everybody, it seems.
Another solution I've been thinking of is requiring posts to be PGP-signed, or
accepting PGP-signed posts in addition to posts from registered users.
--
Magnus Holmgren
Re: apache httpd + spam assassin = web without spam?
Posted by Benny Pedersen <me...@junc.org>.
> nowadays, spammer not only goes to mail. they now also spamming blog comments, wiki, guestbook, etc....
speak is free :-)
> is there a way to setup apache to use spam assassin rule? so that apache will check first (dnsbl or some
> other way) if the posted content is spam or not?
overkill, what the sites neds is userlogins and password then it will stop real fast with spam
> or, perhaps only let those spammers to read our web (is it http get?) and block them from posting anything
> in our web (http post?)
you could allways track at with ip the spam is comming from, but that does not solve well since a ip could
hold more then one user
> any way??
back to drawing boards
Re: [users@httpd] apache httpd + spam assassin = web without spam?
Posted by Nick Kew <ni...@webthing.com>.
On Saturday 08 April 2006 18:05, Joshua Slive wrote:
> Other than that, there are tons of application-specific anti-spam
> solutions for various wikis, blogs, etc. But it would not be very
> easy to make a generic apache-wide solution.
If anyone were interested in a generic apache-wide solution,
it might be worth looking at the mod_security ruleset project.
I don't know what problem spaces that covers (I think the
primary focus is on protecting PHP authors from themselves),
but it might have something to offer.
--
Nick Kew
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] apache httpd + spam assassin = web without spam?
Posted by Joshua Slive <jo...@slive.ca>.
On 4/8/06, dny <ma...@gmail.com> wrote:
> nowadays, spammer not only goes to mail.
> they now also spamming blog comments, wiki, guestbook, etc....
>
> is there a way to setup apache to use spam assassin rule?
> so that apache will check first (dnsbl or some other way) if the
> posted content is spam or not?
>
> or, perhaps only let those spammers to read our web (is it http get?)
> and block them from posting anything in our web (http post?)
There are various ways to use dns blacklists with apache. You can
google for mod_dnsbl or browse http://modules.apache.org/.
Other than that, there are tons of application-specific anti-spam
solutions for various wikis, blogs, etc. But it would not be very
easy to make a generic apache-wide solution.
Joshua.
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: apache httpd + spam assassin = web without spam?
Posted by mouss <us...@free.fr>.
dny wrote:
> nowadays, spammer not only goes to mail.
> they now also spamming blog comments, wiki, guestbook, etc....
>
> is there a way to setup apache to use spam assassin rule?
> so that apache will check first (dnsbl or some other way) if the
> posted content is spam or not?
>
> or, perhaps only let those spammers to read our web (is it http get?)
> and block them from posting anything in our web (http post?)
>
if most of this spam has URLs that are found on uribl/surbl/..., then
all you need is a uribl check. if the URL is listed, then either reject
or moderate (or do anything you feel right: captcha, confirmation,
subscribe, ...).
http://drupal.org/ has a "spam" module.
RE: apache httpd + spam assassin = web without spam?
Posted by Steve Thomas <li...@sthomas.net>.
> I was having this problem for a while... then I added a confirmation block
> to my guestbook - so that any post had to be confirmed.
>
> Boom - spam stopped (I've never even gotten confirmation notices that they
> tried again).
I did basically the same thing. I hacked PHPBB a little to throw an error
if a certain non-standard form field didn't have a specific value, and my
forum spam has stopped completely. Their bots are still creating accounts,
but they can't post, so there's no real damage done.
St-
RE: apache httpd + spam assassin = web without spam?
Posted by Will Nordmeyer <wi...@willspc.net>.
I was having this problem for a while... then I added a confirmation block
to my guestbook - so that any post had to be confirmed.
Boom - spam stopped (I've never even gotten confirmation notices that they
tried again).
--Will
-----Original Message-----
From: dny [mailto:mail2dny@gmail.com]
Sent: Saturday, April 08, 2006 3:43 AM
To: users@spamassassin.apache.org; users@httpd.apache.org
Subject: apache httpd + spam assassin = web without spam?
nowadays, spammer not only goes to mail.
they now also spamming blog comments, wiki, guestbook, etc....
is there a way to setup apache to use spam assassin rule?
so that apache will check first (dnsbl or some other way) if the
posted content is spam or not?
or, perhaps only let those spammers to read our web (is it http get?)
and block them from posting anything in our web (http post?)
any way??
rgds,
dny
--
... but that which cometh out of the mouth,
this defileth a man. Mat 15:11