The SFS Module

LICENSE

SFS.pm is licensed under the GNU-GPL v3.

CREDITS

Code: Andy Patmore (aka FLOYD/ANDYPATMORE)
Spammer Probabiltiy Formula: Keith Grant (aka KEG)

OVERVIEW

SFS.pm is a Perl Module that interfaces with the "Stop Forum Spam" API. The API allows you to check a username, email address or an IP address against the Stop Fourm Spam Database. The Database holds information on over 750,000^* spammers and by using this module you can prevent known spammers from registering on your site or posting messages/comments, etc. SFS.pm was originally designed to interface with WebAPP, though I have purposely left it as open as possible and it should be possible to either retrofit it to your existing Perl powered Forum/CMS or incorporate it into your own designs.

INSTALLATION

Upload SFS.pm in ASCII mode using your favorite FTP program to cgi-bin/Modules on your server. If you are not using WebAPP you should upload the module to wherever other such modules are located. If your system does not use any custom Perl modules in this way, simply create a "Modules" folder in your cgi-bin. You may need to set the path to this in your script. use lib "./Modules"; usually does the trick!

USE

In WebAPP, the "register2" subroutine in user.pl, checks for valid entries from the site registration form. Placing the code snippet below into that routine, preferably just after the script has confirmed that a username and an email address were actually supplied...

# Carry out SFS Check on Username, Email & IP
use SFS;
($sfstest) = SFS::test_sfs(resulttype => 'boolean', username => $input{'username'}, email => $input{'email'}, ip => $ENV{'REMOTE_ADDR'});
if ($sfstest eq 1) { error("Registration Denied! Details found on Stop Forum Spam Database!"); exit; }
# SFS Check Complete!

If you are using WebAPP, use SFS; would be best placed at the top of subs.pl or wherever your core routines are. As I mentioned above, just before this you may need to put use lib "./Modules";, as this will tell your script where to find the SFS.pm file.

How you process the result is up to you. In the above example I am requesting a boolean result (see below) and if the result is "true", sending a message to WebAPPs' built-in error reporting method. This will stop the registration at that point and display the message on the screen. Again, if you are not using WebAPP, you can substitute this code for something more suitable.

To submit spammer details to the database you will firstly need an API key (see below).

**DEVELOPER NOTE** To submit data to the SFS Database you will need to incorporate the following into your code. It is a requirement that all three elements are present.

$submit_result = SFS::submit_spammer(username => USERNAME, email => EMAIL, ip_addr => IP);

The module will return the values of "submitted" if the submission was successful or "error" if it failed. DON'T FORGET YOUR API KEY!!!

OPTIONS

Passing named variables to the test_sfs function allows for a great deal of flexibility. You can send any combination of username, email and ip as fits your requirements. You can also request four different result types from the method. The default result type is boolean, so if you do not pass a resulttype variable to the method, it will return either 0 (zero) for false and 1 (one) for true. You can also request percent which will return the spammer probability as a percentage (I would suggest that anything over 5% should be denied), decimal which will return the spammer probability as a decimal and finally matches which quite simply counts the number of times each check finds a match in the database.

At the top of SFS.pm there are five optional variables that you may edit if you wish.

$usernamedecay = 14;
$emaildecay = 28;
$ipdecay = 48;
$sfsserveroffset = 0;
$api_key = "";

The first three define the default number of days before a particular spam threat is deemed to have diminished. I would not recommend these values are reduced from their current settings, but you may wish to increase them, but as the decimal spammer probability is a value between 0 (zero) and 1 (one), any change to these values would hardly be noticable.

The fourth value allows you to change the time offset between your server and the SFS server (ignoring Daylight Saving is Time GMT -5). Again, if you do change this, the affect on the results would hardly be noticable.

The fifth is the API key that you must use if you wish to submit spammer details to the SFS Database. To request your key, please go to http://www.stopforumspam.com/signup

SUPPORT

Currently I can only offer support via email.

^* 790,467 listed as of 12:01GMT, Mon 5 Apr, 2010

Download: SFS Module - version 2.0 (Released April 4th, 2010)