private function severity($ip)
{
$rev = SblamURI::gethostbyaddr($ip);
if (is_array($rev)) {
warn($rev, "gethostbyaddr returned array!?");
$rev = reset($rev);
}
if (!$rev) {
return 3;
}
if (preg_match('/(^|[.-])(vp[sn]|srv)[.\\d-]|(^|\\.)(colo|dedi?)[-.]|dedic|resell|serv(er|[.\\d-])|^ns\\d*\\.|^mail\\d*\\.|multicast|invalid|unknown/', $rev)) {
return 2;
}
if (preg_match('/internetdsl\\.|static/', $rev) || preg_match('/^[^\\d]+$/', $rev) || strlen($rev) < 10) {
return 1.5;
}
if (preg_match('/^nat[\\d.-]|cache|proxy|gprs[^a-z]|dynamic|\\.dhcp\\.|\\.sta\\.|ppp[\\d.-]|\\.dyn\\.|(^|[.-])adsl[.0-9-]/', $rev)) {
return 0.8;
}
return 1;
}
function testPost(ISblamPost $p)
{
// whitelist only direct connection (because other can be forged) and only when there aren't any objectionable hosts there
$out = array();
$firstIP = true;
$whitelisted = false;
foreach ($p->getAuthorIPs() as $ip) {
$rev = SblamURI::gethostbyaddr($ip);
if (!$rev) {
continue;
}
if (is_array($rev)) {
warn($rev, 'gethostbyaddr returned array');
$rev = reset($rev);
}
// WTF?
if (preg_match('!(?:\\.|^)(?:' . $this->isps . ')$!', $rev)) {
$out[] = array(0.5, self::CERTAINITY_LOW, "Sent from blacklisted ISP ({$rev})");
} else {
if ($firstIP && preg_match('!\\.(?:' . $this->whitelist . ')$!', $rev)) {
$whitelisted = true;
} else {
if (preg_match('!\\.(?:' . $this->blacklist . ')$!', $rev)) {
$out[] = array(0.35, self::CERTAINITY_LOW, "Sent from blacklisted TLD ({$rev})");
}
}
}
$firstIP = false;
}
if (!count($out) && $whitelisted) {
return array(-0.25, self::CERTAINITY_LOW, "Sent from whitelisted TLD ({$rev})");
}
if (count($out)) {
return $out;
}
}
