function event_hook($event, &$bag, &$eventData, $addData = null)
 {
     global $serendipity;
     $hooks =& $bag->get('event_hooks');
     if (isset($hooks[$event])) {
         switch ($event) {
             case 'frontend_saveComment':
                 if (!is_array($eventData) || serendipity_db_bool($eventData['allow_comments'])) {
                     $serendipity['csuccess'] = 'true';
                     // Check for IP listed in RBL
                     require_once (defined('S9Y_PEAR_PATH') ? S9Y_PEAR_PATH : 'bundled-libs/') . 'Net/DNSBL.php';
                     $dnsbl = new Net_DNSBL();
                     $remoteIP = $_SERVER['REMOTE_ADDR'];
                     $dnsbl->setBlacklists(explode(',', $this->get_config('rbllist')));
                     if ($dnsbl->isListed($remoteIP)) {
                         $eventData = array('allow_comments' => false);
                         // old - but missing $dnsbl->getTxt() function in delivered old DNSBL.php
                         //$serendipity['messagestack']['comments'][] = PLUGIN_EVENT_SPAMBLOCK_ERROR_RBL . ' ('.implode(', ', $dnsbl->getTxt($remoteIP)).')';
                         $serendipity['messagestack']['comments'][] = PLUGIN_EVENT_SPAMBLOCK_ERROR_RBL . ' (' . $remoteIP . ')';
                         return false;
                     }
                     // Check for IP listed in http:BL
                     require_once 'httpbl.php';
                     $honeypot_apikey = $this->get_config('httpBL_key');
                     if (!empty($honeypot_apikey)) {
                         $h = new http_bl($honeypot_apikey);
                         // known spammer
                         // DEBUG                    $remoteIP = '206.51.226.106';
                         // A quick tip for testing: change $remoteIP = '$_SERVER['REMOTE_ADDR']; on line 89 to e.g.
                         // $remoteIP = '109.200.6.202'; // Comments should get rejected as this ip is on both blacklists right now.
                         $r = $h->query($remoteIP);
                         if ($r == 2) {
                             $eventData = array('allow_comments' => false);
                             $reason = PLUGIN_EVENT_SPAMBLOCK_REASON_HONEYPOT . $h->type_txt . ' [' . $h->type_num . '] with a score of ' . $h->score . ', last seen since ' . $h->days . ' days';
                             $serendipity['messagestack']['comments'][] = $reason;
                         }
                         return false;
                     }
                 }
                 return true;
                 break;
             default:
                 return false;
                 break;
         }
     } else {
         return false;
     }
 }
Ejemplo n.º 2
0
function ChecksDNSBL($iptocheck = null, $output = false, $increment = false)
{
    if (trim($iptocheck == "--force")) {
        $iptocheck = null;
        $output = false;
    }
    $textip = null;
    if ($iptocheck == null) {
        $myip = GetMyIp();
    } else {
        $myip = $iptocheck;
    }
    if (!preg_match("#[0-9+]\\.[0-9+]\\.[0-9+]\\.[0-9+]#", $myip)) {
        $textip = " ({$myip}) ";
        $myip = gethostbyname($myip);
        if ($GLOBALS["VERBOSE"]) {
            echo "Checking {$myip}...........: was{$textip}\n";
        }
    }
    $sock = new sockets();
    $unix = new unix();
    $RBLCheckFrequency = $sock->GET_INFO("RBLCheckFrequency");
    $RBLCheckNotification = $sock->GET_INFO("RBLCheckNotification");
    if (!is_numeric($RBLCheckFrequency)) {
        $RBLCheckFrequency = 60;
    }
    if (!is_numeric($RBLCheckNotification)) {
        $RBLCheckNotification = 0;
    }
    if ($GLOBALS["VERBOSE"]) {
        echo "Checking {$myip}{$textip}...........: RBLCheckFrequency...: {$RBLCheckFrequency}\n";
        echo "Checking {$myip}{$textip}...........: RBLCheckNotification: {$RBLCheckNotification}\n";
    }
    if (!$GLOBALS["FORCE"]) {
        $md = md5($myip);
        $timefile = "/etc/artica-postfix/cron.1/ChecksDNSBL.{$md}.time";
        if (!$GLOBALS["VERBOSE"]) {
            $time = file_time_min($timefile);
            if ($time < $RBLCheckFrequency) {
                echo @file_get_contents($timefile);
                return;
            }
        }
        @unlink($timefile);
        @file_put_contents($timefile, "#");
    }
    include_once 'Net/DNSBL.php';
    $dnsbl = new Net_DNSBL();
    if (!isset($GLOBALS["DDNS"])) {
        $sql = "SELECT * FROM rbl_servers WHERE enabled=1 ORDER BY `rbl`";
        $q = new mysql();
        $results = $q->QUERY_SQL($sql, "artica_backup");
        if ($q->ok) {
            while ($ligne = @mysql_fetch_array($results, MYSQL_ASSOC)) {
                $GLOBALS["DDNS"][] = $ligne["rbl"];
            }
        }
    }
    if (count($GLOBALS["DDNS"]) == 0) {
        $GLOBALS["DDNS"][] = "b.barracudacentral.org";
        $GLOBALS["DDNS"][] = "bl.deadbeef.com";
        $GLOBALS["DDNS"][] = "bl.emailbasura.org";
        $GLOBALS["DDNS"][] = "bl.spamcannibal.org";
        $GLOBALS["DDNS"][] = "bl.spamcop.net";
        //$dnss[]="blackholes.five-ten-sg.com";
        $GLOBALS["DDNS"][] = "blacklist.woody.ch";
        $GLOBALS["DDNS"][] = "bogons.cymru.com";
        $GLOBALS["DDNS"][] = "cbl.abuseat.org";
        $GLOBALS["DDNS"][] = "cdl.anti-spam.org.cn";
        $GLOBALS["DDNS"][] = "combined.abuse.ch";
        $GLOBALS["DDNS"][] = "combined.rbl.msrbl.net";
        $GLOBALS["DDNS"][] = "db.wpbl.info";
        $GLOBALS["DDNS"][] = "dnsbl-1.uceprotect.net";
        $GLOBALS["DDNS"][] = "dnsbl-2.uceprotect.net";
        $GLOBALS["DDNS"][] = "dnsbl-3.uceprotect.net";
        $GLOBALS["DDNS"][] = "dnsbl.ahbl.org";
        $GLOBALS["DDNS"][] = "dnsbl.cyberlogic.net";
        $GLOBALS["DDNS"][] = "dnsbl.inps.de";
        $GLOBALS["DDNS"][] = "dnsbl.njabl.org";
        $GLOBALS["DDNS"][] = "dnsbl.sorbs.net";
        $GLOBALS["DDNS"][] = "drone.abuse.ch";
        $GLOBALS["DDNS"][] = "drone.abuse.ch";
        $GLOBALS["DDNS"][] = "duinv.aupads.org";
        $GLOBALS["DDNS"][] = "dul.dnsbl.sorbs.net";
        $GLOBALS["DDNS"][] = "dul.ru";
        $GLOBALS["DDNS"][] = "dyna.spamrats.com";
        $GLOBALS["DDNS"][] = "dynip.rothen.com";
        $GLOBALS["DDNS"][] = "fl.chickenboner.biz";
        $GLOBALS["DDNS"][] = "http.dnsbl.sorbs.net";
        $GLOBALS["DDNS"][] = "images.rbl.msrbl.net";
        $GLOBALS["DDNS"][] = "ips.backscatterer.org";
        $GLOBALS["DDNS"][] = "ix.dnsbl.manitu.net";
        $GLOBALS["DDNS"][] = "korea.services.net";
        $GLOBALS["DDNS"][] = "misc.dnsbl.sorbs.net";
        $GLOBALS["DDNS"][] = "noptr.spamrats.com";
        $GLOBALS["DDNS"][] = "ohps.dnsbl.net.au";
        $GLOBALS["DDNS"][] = "omrs.dnsbl.net.au";
        $GLOBALS["DDNS"][] = "orvedb.aupads.org";
        $GLOBALS["DDNS"][] = "osps.dnsbl.net.au";
        $GLOBALS["DDNS"][] = "osrs.dnsbl.net.au";
        $GLOBALS["DDNS"][] = "owfs.dnsbl.net.au";
        $GLOBALS["DDNS"][] = "owps.dnsbl.net.au";
        $GLOBALS["DDNS"][] = "pbl.spamhaus.org";
        $GLOBALS["DDNS"][] = "phishing.rbl.msrbl.net";
        $GLOBALS["DDNS"][] = "probes.dnsbl.net.au";
        $GLOBALS["DDNS"][] = "proxy.bl.gweep.ca";
        $GLOBALS["DDNS"][] = "proxy.block.transip.nl";
        $GLOBALS["DDNS"][] = "psbl.surriel.com";
        $GLOBALS["DDNS"][] = "rbl.interserver.net";
        $GLOBALS["DDNS"][] = "rdts.dnsbl.net.au";
        $GLOBALS["DDNS"][] = "relays.bl.gweep.ca";
        $GLOBALS["DDNS"][] = "relays.bl.kundenserver.de";
        $GLOBALS["DDNS"][] = "relays.nether.net";
        $GLOBALS["DDNS"][] = "residential.block.transip.nl";
        $GLOBALS["DDNS"][] = "ricn.dnsbl.net.au";
        $GLOBALS["DDNS"][] = "rmst.dnsbl.net.au";
        $GLOBALS["DDNS"][] = "sbl.spamhaus.org";
        $GLOBALS["DDNS"][] = "short.rbl.jp";
        $GLOBALS["DDNS"][] = "smtp.dnsbl.sorbs.net";
        $GLOBALS["DDNS"][] = "socks.dnsbl.sorbs.net";
        $GLOBALS["DDNS"][] = "spam.abuse.ch";
        $GLOBALS["DDNS"][] = "spam.dnsbl.sorbs.net";
        $GLOBALS["DDNS"][] = "spam.rbl.msrbl.net";
        $GLOBALS["DDNS"][] = "spam.spamrats.com";
        $GLOBALS["DDNS"][] = "spamlist.or.kr";
        $GLOBALS["DDNS"][] = "spamrbl.imp.ch";
        $GLOBALS["DDNS"][] = "t3direct.dnsbl.net.au";
        $GLOBALS["DDNS"][] = "tor.ahbl.org";
        $GLOBALS["DDNS"][] = "tor.dnsbl.sectoor.de";
        $GLOBALS["DDNS"][] = "torserver.tor.dnsbl.sectoor.de";
        $GLOBALS["DDNS"][] = "ubl.lashback.com";
        $GLOBALS["DDNS"][] = "ubl.unsubscore.com";
        $GLOBALS["DDNS"][] = "virbl.bit.nl";
        $GLOBALS["DDNS"][] = "virus.rbl.jp";
        $GLOBALS["DDNS"][] = "virus.rbl.msrbl.net";
        $GLOBALS["DDNS"][] = "web.dnsbl.sorbs.net";
        $GLOBALS["DDNS"][] = "wormrbl.imp.ch";
        $GLOBALS["DDNS"][] = "xbl.spamhaus.org";
        $GLOBALS["DDNS"][] = "zen.spamhaus.org";
        $GLOBALS["DDNS"][] = "zombie.dnsbl.sorbs.net";
    }
    if ($GLOBALS["VERBOSE"]) {
        echo "Checking {$myip}{$textip}...........: checking............: " . count($GLOBALS["DDNS"]) . " rbls servers\n";
        echo "Checking {$myip}{$textip}...........: Output..............: {$output}\n";
    }
    if ($GLOBALS["VERBOSE"]) {
        echo "checking " . count($GLOBALS["DDNS"]) . " rbls servers\n";
    }
    if ($GLOBALS["VERBOSE"]) {
        echo "Checking {$myip}...........: ->setBlacklists();\n";
    }
    reset($GLOBALS["DDNS"]);
    $dnsbl->setBlacklists($GLOBALS["DDNS"]);
    if (!$output) {
        if (!$increment) {
            if ($GLOBALS["VERBOSE"]) {
                echo "Delete /usr/share/artica-postfix/ressources/logs/web/blacklisted.html\n";
            }
            @unlink("/usr/share/artica-postfix/ressources/logs/web/blacklisted.html");
        }
    }
    if ($output) {
        if ($dnsbl->isListed($myip)) {
            $blacklist = $dnsbl->getListingBl($myip);
            $detail = $dnsbl->getDetails($myip);
            $final = "{$blacklist};{$detail["txt"][0]}";
            @file_put_contents($timefile, $final);
            echo $final;
        }
        return;
    }
    $date = date('l F H:i');
    if ($GLOBALS["VERBOSE"]) {
        echo "Checking {$myip}{$textip}...........: Output..............: {$date}\n";
    }
    if (!$increment) {
        @unlink("/usr/share/artica-postfix/ressources/logs/web/blacklisted.html");
        @unlink("/usr/share/artica-postfix/ressources/logs/web/Notblacklisted.html");
    }
    if ($dnsbl->isListed($myip)) {
        $blacklist = $dnsbl->getListingBl($myip);
        if ($RBLCheckNotification == 1) {
            $unix->send_email_events("Your server ({$myip}{$textip}) is blacklisted from {$blacklist}", "This is the result of checking your server from " . count($GLOBALS["DDNS"]) . " black list servers.\n   It seems your server (ip:{$myip}{$textip}) is blacklisted from {$blacklist}\n   If you trying to send mails from this server, it should be rejected from many SMTP servers that use \"{$blacklist}\" for check senders IP addresses.\n   ", "postfix");
        }
        echo "{$myip}: blacklisted from {$blacklist} write \"/usr/share/artica-postfix/ressources/logs/web/blacklisted.html\"\n";
        $p = Paragraphe('danger64.png', "{WARN_BLACKLISTED}", "{$myip}{$textip} {IS_BLACKLISTED_FROM} {$blacklist} ({$date})", "javascript:Loadjs('system.rbl.check.php')", "{$myip} {IS_BLACKLISTED_FROM} {$blacklist}", 300, 80);
        if ($increment) {
            $p = @file_get_contents("/usr/share/artica-postfix/ressources/logs/web/blacklisted.html") . $p;
        }
        @file_put_contents("/usr/share/artica-postfix/ressources/logs/web/blacklisted.html", $p);
        shell_exec("/bin/chmod 777 /usr/share/artica-postfix/ressources/logs/web/blacklisted.html >/dev/null 2>&1");
        return;
    } else {
        if ($GLOBALS["VERBOSE"]) {
            echo "checking " . count($GLOBALS["DDNS"]) . " rbls servers success\n";
        }
    }
    $dnsbl = new Net_DNSBL();
    reset($GLOBALS["DDNS"]);
    $dnsbl->setBlacklists($GLOBALS["DDNS"]);
    if ($dnsbl->isListed($myip)) {
        $blacklist = $dnsbl->getListingBl($myip);
        if ($RBLCheckNotification == 1) {
            send_email_events("Your server ({$myip}{$textip}) is blacklisted from {$blacklist}", "This is the result of checking your server from " . count($GLOBALS["DDNS"]) . " black list servers.\n\t   It seems your server (ip:{$myip}{$textip}) is blacklisted from {$blacklist}\n\t   If you trying to send mails from this server, it should be rejected from many SMTP servers that use \"{$blacklist}\" for check senders IP addresses.\n\t   ", "postfix");
        }
        echo "{$myip}{$textip}: blacklisted from {$blacklist} write \"/usr/share/artica-postfix/ressources/logs/web/blacklisted.html\"\n";
        $p = Paragraphe('danger64.png', "{WARN_BLACKLISTED}", "{$myip}{$textip} {IS_BLACKLISTED_FROM} {$blacklist} ({$date})", "javascript:Loadjs('system.rbl.check.php')", "{$myip}{$textip} {IS_BLACKLISTED_FROM} {$blacklist}", 300, 80);
        if ($increment) {
            $p = @file_get_contents("/usr/share/artica-postfix/ressources/logs/web/blacklisted.html") . $p;
        }
        @file_put_contents("/usr/share/artica-postfix/ressources/logs/web/blacklisted.html", $p);
        shell_exec("/bin/chmod 777 /usr/share/artica-postfix/ressources/logs/web/blacklisted.html >/dev/null 2>&1");
        return;
    } else {
        if ($GLOBALS["VERBOSE"]) {
            echo "checking " . count($GLOBALS["DDNS"]) . " rbls servers success\n";
        }
    }
    $p = Paragraphe('ok64.png', "{NOT_BLACKLISTED}", "{$myip}{$textip} {IS_NOT_BLACKLISTED } ({$date})", "javascript:Loadjs('system.rbl.check.php')", null, 300, 80);
    if ($increment) {
        $p = @file_get_contents("/usr/share/artica-postfix/ressources/logs/web/Notblacklisted.html") . $p;
    }
    @file_put_contents("/usr/share/artica-postfix/ressources/logs/web/Notblacklisted.html", $p);
    shell_exec("/bin/chmod 777 /usr/share/artica-postfix/ressources/logs/web/Notblacklisted.html >/dev/null 2>&1");
}
Ejemplo n.º 3
0
    // This is a read transaction, use the slave database
    $lilurl = new lilURL(READ_ONLY);
    if (isset($_GET['id'])) {
        $id = mysql_escape_string($_GET['id']);
    } elseif (REWRITE) {
        $explodo = explode('/', $_SERVER['REQUEST_URI']);
        $id = mysql_escape_string($explodo[count($explodo) - 1]);
    } else {
        $id = '';
    }
    // if the id isn't empty and it's not this file, redirect to it's url
    if ($id != '' && $id != basename($_SERVER['PHP_SELF'])) {
        $location = $lilurl->get_url($id);
        if ($location != -1) {
            $surbl = new Net_DNSBL_SURBL();
            $dnsbl = new Net_DNSBL();
            if ($surbl->isListed($location) || $dnsbl->isListed(parse_url($location, PHP_URL_HOST))) {
                // 410 Gone
                // XXX: cache this result
                header("HTTP/1.1 410 Gone");
                $msg = '<p class="error">Blacklisted URL!</p>';
            } else {
                header('Location: ' . $location);
            }
        } else {
            $msg = '<p class="error">Sorry, but that ur1 isn\'t in our database.</p>';
        }
    }
}
// print the form
?>
Ejemplo n.º 4
0
<?php

// ini_set("display_errors", "1");
require_once 'Net/DNSBL.php';
$dnsbl = new Net_DNSBL();
$dnsbl->setBlacklists(array('sbl-xbl.spamhaus.org', 'bl.spamcop.net', 'dnsbl-1.uceprotect.net', 'dnsbl-2.uceprotect.net', 'dnsbl-3.uceprotect.net', 'zen.spamhaus.org', 'rbl.efnetrbl.org'));
function checkIP($ip)
{
    global $dnsbl;
    if ($dnsbl->isListed($ip)) {
        return true;
    } else {
        return false;
    }
}