{"id":1821,"date":"2012-11-21T22:24:56","date_gmt":"2012-11-21T20:24:56","guid":{"rendered":"http:\/\/planetozh.com\/blog\/?p=1821"},"modified":"2014-03-04T18:19:22","modified_gmt":"2014-03-04T17:19:22","slug":"checking-domain-blacklists-from-spamhaus-surbl-and-uribl-in-php","status":"publish","type":"post","link":"https:\/\/planetozh.com\/blog\/2012\/11\/checking-domain-blacklists-from-spamhaus-surbl-and-uribl-in-php\/","title":{"rendered":"Checking Domain Blacklists from Spamhaus, SURBL and URIBL in PHP"},"content":{"rendered":"

I've been speaking lately with folks from Spamhaus<\/a> about anti spam measure in YOURLS<\/a> and a YOURLS plugin for this. Currently the #1 result in Google for "spamhaus PHP<\/tt>" is a post on Lockergnome which gets it totally wrong and provides a script that does not work, so here is a PHP script that does work<\/strong>.<\/p>\n

This script checks a URL (its domain part, in fact) against the 3 major black lists: Spamhaus<\/a>, SURBL<\/a> and URIBL<\/a>.<\/p>\n

The script:<\/strong><\/p>\n

\n\n\t\t
\n\n\t\t
\n\t\t\t\t\t\t< View plain text<\/span> ><\/a>\n\t\t\t\t\t<\/div>\n\n\t\t
php<\/div>\n\n\t\t\n\t\t
\n\n\t<\/div>\n\t\n\t
\n\t\t
  1. \/**<\/span><\/div><\/li>\n
  2.  * Check a URL against the 3 major blacklists<\/span><\/div><\/li>\n
  3.  *<\/span><\/div><\/li>\n
  4.  * @param string $url The URL to check<\/span><\/div><\/li>\n
  5.  * @return mixed true if blacklisted, false if not blacklisted, 'malformed' if URL looks weird<\/span><\/div><\/li>\n
  6.  *\/<\/span><\/div><\/li>\n
  7. function<\/span> ozh_is_blacklisted(<\/span> $url<\/span> )<\/span> {<\/span><\/div><\/li>\n
  8.  <\/div><\/li>\n
  9.     $parsed<\/span> =<\/span> parse_url<\/span>(<\/span> $url<\/span> )<\/span>;<\/span><\/div><\/li>\n
  10.  <\/div><\/li>\n
  11.     if<\/span>(<\/span> !<\/span>isset<\/span>(<\/span> $parsed<\/span>[<\/span>'host'<\/span>]<\/span> )<\/span> )<\/span><\/div><\/li>\n
  12.         return<\/span> 'malformed'<\/span>;<\/span><\/div><\/li>\n
  13.         <\/div><\/li>\n
  14.     \/\/ Remove www. from domain (but not from www.com)<\/span><\/div><\/li>\n
  15.     $parsed<\/span>[<\/span>'host'<\/span>]<\/span> =<\/span> preg_replace<\/span>(<\/span> '\/^www\\.(.+\\.)\/i'<\/span>,<\/span> '$1'<\/span>,<\/span> $parsed<\/span>[<\/span>'host'<\/span>]<\/span> )<\/span>;<\/span><\/div><\/li>\n
  16.  <\/div><\/li>\n
  17.     \/\/ The 3 major blacklists<\/span><\/div><\/li>\n
  18.     $blacklists<\/span> =<\/span> array<\/span>(<\/span><\/div><\/li>\n
  19.         'zen.spamhaus.org'<\/span>,<\/span><\/div><\/li>\n
  20.         'multi.surbl.org'<\/span>,<\/span><\/div><\/li>\n
  21.         'black.uribl.com'<\/span>,<\/span><\/div><\/li>\n
  22.     )<\/span>;<\/span><\/div><\/li>\n
  23.     <\/div><\/li>\n
  24.     \/\/ Check against each black list, exit if blacklisted<\/span><\/div><\/li>\n
  25.     foreach<\/span>(<\/span> $blacklists<\/span> as<\/span> $blacklist<\/span> )<\/span> {<\/span><\/div><\/li>\n
  26.         $domain<\/span> =<\/span> $parsed<\/span>[<\/span>'host'<\/span>]<\/span> .<\/span> '.'<\/span> .<\/span> $blacklist<\/span> .<\/span> '.'<\/span>;<\/span><\/div><\/li>\n
  27.         $record<\/span> =<\/span> dns_get_record(<\/span> $domain<\/span> )<\/span>;<\/span><\/div><\/li>\n
  28.         <\/div><\/li>\n
  29.         if<\/span>(<\/span> count<\/span>(<\/span> $record<\/span> )<\/span> ><\/span> 0<\/span> )<\/span><\/div><\/li>\n
  30.             return<\/span> true<\/span>;<\/span><\/div><\/li>\n
  31.     }<\/span><\/div><\/li>\n
  32.     <\/div><\/li>\n
  33.     \/\/ All clear, probably not spam<\/span><\/div><\/li>\n
  34.     return<\/span> false<\/span>;<\/span><\/div><\/li>\n
  35. }<\/span><\/div><\/li>\n<\/ol>\t<\/div>\n\n<\/div>\n\n

    Usage:<\/p>\n

    \n\n\t\t
    \n\n\t\t
    \n\t\t\t\t\t\t< View plain text<\/span> ><\/a>\n\t\t\t\t\t<\/div>\n\n\t\t
    php<\/div>\n\n\t\t\n\t\t
    \n\n\t<\/div>\n\t\n\t
    \n\t\t
    1. if<\/span>(<\/span> ozh_is_blacklisted(<\/span> $url<\/span> )<\/span> )<\/span> {<\/span><\/div><\/li>\n
    2.     \/\/ do something brutal (eg die() your script, yell at user, etc...)<\/span><\/div><\/li>\n
    3. }<\/span><\/div><\/li>\n
    4.  <\/div><\/li>\n
    5. \/\/ all is fine *for today*, do your regular stuff.<\/span><\/div><\/li>\n
    6. \/\/ This said, it'd be nice to recheck every couple of days<\/span><\/div><\/li>\n<\/ol>\t<\/div>\n\n<\/div>\n\n

      Feel free to steal.<\/p>\n","protected":false},"excerpt":{"rendered":"

      I've been speaking lately with folks from Spamhaus about anti spam measure in YOURLS and a YOURLS plugin for this. Currently the #1 result in Google for "spamhaus PHP" is a post on Lockergnome which gets it totally wrong and provides a script that does not work, so here is a PHP script that does […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[21],"tags":[398,2,10,27],"class_list":["post-1821","post","type-post","status-publish","format-standard","hentry","category-published","tag-blacklist","tag-code","tag-php","tag-spam"],"_links":{"self":[{"href":"https:\/\/planetozh.com\/blog\/wp-json\/wp\/v2\/posts\/1821","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/planetozh.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/planetozh.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/planetozh.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/planetozh.com\/blog\/wp-json\/wp\/v2\/comments?post=1821"}],"version-history":[{"count":0,"href":"https:\/\/planetozh.com\/blog\/wp-json\/wp\/v2\/posts\/1821\/revisions"}],"wp:attachment":[{"href":"https:\/\/planetozh.com\/blog\/wp-json\/wp\/v2\/media?parent=1821"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/planetozh.com\/blog\/wp-json\/wp\/v2\/categories?post=1821"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/planetozh.com\/blog\/wp-json\/wp\/v2\/tags?post=1821"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}