I think I should look for another hobby as having bad ideas and trying them out can be quite time intensive. But here is an idea I put to code lately. What is the best spam killer for free? Spamassassin. Can’t we abuse it for spam checking on webpages? Let’s find out.
Spamassassin is usually doing its job as the spamd process, talking to the mail server via sockets or a TCP Connection. What we need to do is creating a minimalistic RFC822 message with the line endings used from MSDOS Times – CrLf.
As PHP is able to talk to sockets using the socket_create() function, we can pass this messages on to the spamd, trying to get its response. The message header of course has to be faked, as we are not receiving a mail message. But this should not be a problem as we got all required data. Forgive me the mix of example data and php functions, you should be able to get the idea although:
From $comment_email ”
gmdate(“D M d H:i:s Y”)
Received: from gethostbyaddr($user_ip) $user_ip by $_SERVER[“HTTP_HOST”] via $sitename; date(“r”)From: $comment_name <$comment_email>
Date: date(“r”)
Subject: $comment_subject
To: $webmaster_email’$commnt_text
This way SpamAssassin is able to deal with our comment as it would be a mail entering our mail system. So we would be able to see why a message is spam, according to the SpamAssassin rule sets. A queue implementation would be needed to ensure proper handling if there is big spam traffic.
Ideas? Comments? Complains? Feel free to drop me a line.
Dieter@be says:
Good idea.
In fact, I’ve always found it weird to have different, separate solutions for different “kinds” of spam (e-mail spam vs webpage spam) but yet the solutions only focus only on their kind. (eg spamassasin for mail, akismet for webpages). Combining the intelligence from both and joining forces to build the ultimate anti-spam system that you can use for e-mail, webpages, etc would be neat.
Stargazer says:
To be honest, I do not trust akismet as if a server breaks down there, you’re pretty lost.
Of course you can recheck the moderation queue – but it is always good to have another solution as backup keeping the crap off your systems. And I am sure that not only WordPress got this problem.
If You Need Inspiration – Bodge | ChrisMerriman.com says:
[…] using the e-mail spam protection system ‘Spam Assassin’. The principle behind using spamassassin for webpages is quite simple, so don’t be put off by the code example he gives in the post if you are not […]