Here is a filter that you can start with and modify to your liking. I use it for an email script that uses a hash, but the process is not as important as the filter itself.
sub validate_mail { my $self = shift; $self->{hackattempt} = "false"; my @entries = @_; foreach my $i (@entries) { #Catch comment spam/injection attempts!!! #Here is the filter you can modify -- if ($i =~ /(\.\.)|[\\]+|[\<\>]+|[\{\}]+|[\(\)]+|[\|]+|[\[]+|[\]]+/ +gi) { $self->{hackattempt} = "true1"; $self->{hackpattern} = $i; return $self->{hackattempt}; last; } #Remove any hi-jack attempts!!! if ($i =~ /BCC/gi) { $self->{hackattempt} = "true2"; $self->{hackpattern} = $i; return $self->{hackattempt}; last; } next; } return $self->{hackattempt}; }
My scripts use it to trigger an email that gives me the ip address and a sample of the entry (I can look at the sample and determine if it is spam or just a mistake), that code is not shown here. I then use this information to block the ip's using .htaccess -- This stops wasting resources on spammers and helps you to manage the posting process. The BCC portion of this code is aimed at an attempt to inject Blind Carbon Copy email listing into the header of the email envelope.
Goodluck,
In reply to Re: spam problem
by Sagacity
in thread spam problem
by batmanor
| For: | Use: | ||
| & | & | ||
| < | < | ||
| > | > | ||
| [ | [ | ||
| ] | ] |