dnsbl_check
This Rails plugin checks http clients against DNS Blackhole Lists. This completely stops spam on web applications. It is multithreaded and used on busy production systems.
News
Version 1.3.1 of the plugin was released on 23 December 2009. The only thing that’s changed is I moved the code to Github.
Installation instructions
- Go to the Rails application’s root directory
- type ruby script/plugin install git://github.com/tilsammans/dnsbl_check.git
- Restart your application.
Usage instructions
Put before_filter :dnsbl_check in any controller that needs checking. Abuse is often limited to a few controllers in your application, e.g. the one that receives comments. If you need checking in your entire application, put the before_filter in your ApplicationController.
Usage example:
class CommentsController < ApplicationController
before_filter :dnsbl_check
# Let users submit comments.
def submit
...
end
end
What does it do?
This plugin installs a filter that is run before every incoming request for the controller. The filter analyzes the remote ip address, that is, the ip address your visitor is using. When this address is listed on a DNSBL, your visitor is considered unwanted. She will be shown an ‘Access denied’ message and nothing more.
Be advised that this filter will block access to some users of your application. These are supposed to be unwanted, but you can never be one hundred percent sure.
When the address is not present on any of the configured DNSBLs, the visitor’s session is flagged checked, so the procedure won’t run on the next request. This saves quite some processing power. When your visitor’s session is over, the filter will run again.
The filter logs both ‘hit’ and ‘miss’ to your application’s log file. This enables you to take further action and monitor the filter’s workings. Open your ‘log/production.log’ logfile and scan for the words DNSBL to see what the filter is doing.
Background information
I wrote this plugin because my application was being spammed: many bogus e-mail addresses were entered. It was some spammer’s wet dream to get a hold of my mailing list or something. The requests came from many different hosts, but I discovered that all were listed on several DNSBLs. Thus I decided to use these DNSBLs like many mail servers do: check incoming connections for a listing and, when listed, simply deny service. This has worked quite well.
I realise I could have shielded my application with a captcha, but I felt that raised the barrier to participate unnessesarily. Furthermore I only used highly reliable DNSBLs, with clearly stated removal procedures. You could be more or even less aggressive.
Contact
Suggestions and feedback most welcome by email or by commenting on this page.
No comments yet.