Message Board

http:BL Use/Development

Older Posts ]   [ Newer Posts ]
 A perl adaptation for querying http:BL
Author: C.Wilson6   (9 Jun 07 5:48pm)
I'm not a perl guru so there might be an easier way
to do this. Let me know your thoughts

use Net::DNS;
my $res = Net::DNS::Resolver->new(
nameservers => [qw(XXX.XXX.XXX.XXX)], #Add your DNS IP
recurse => 1,
debug => 0,
$theBLKey = 'XXXXXXXXXXXXXXXXXXXX'; #Replace with your own key
my $query = $res->search($theBLKey . "." . join('.',reverse(split('\.',$IP))) . '');
if ($query) {
foreach my $rr ($query->answer) {
next unless $rr->type eq "A";
$ans = $rr->address, "\n";
if ($ans) {
@type = split('\.',$ans);
if (($type[3] > 1) && ($type[1] < 30)) {
#This looks for harvertors and comment spammers who
#have had activity in the last 30 days.

#add routine to handle

Post Edited (21 Jun 07 8:24pm)
 Re: A perl adaptation for querying http:BL
Author: G.Byers   (25 Jun 07 11:11am)
Hello C. Wilson,

I know nothing about perl except that it is supported by my server.

Where should the above code get placed? Is it treated as an individual file or script and then linked to from within the code of my web pages? Or do I just create a file from the code (of course inserting my dns and blKey) and place it in the root folder of my site?

OR is the code specific to a particular set up that runs exclusively on perl?

Forgive my ignorance, just trying to find a way to take advantage of httpBL.

Your help appreciated.

Gary B
 Re: A perl adaptation for querying http:BL
Author: C.Wilson6   (30 Jun 07 3:23pm)
This is not intended to be a standalone program and it not as good as the Apache module found on this site. The code snipet can be placed at the very beginining of your perl script. You will need to create a routine to handle the IP if it is listed on http:BL. I just send the visitor to a sub routine that explains they do not have access to the website until they clean their IP and are not listed on http:BL for at least 30 days. My site gets hammered alot, so my DNS server gets lots of request from the script.

You may need to get permission from your DNS provider if you expect to significantly increase their hits.

I also give a couple of links to spyware removal software and I also include honeypot links just in case they are bots that have been inactive for awhile.

Most linux/unix setups have the Net::DNS library. If not, you can get it from cpan.

I also use a bot trap that actively rewrites my htaccess file when a visitor/BOT access
a honeybot style link. The link is also listed in my robot.txt file so real spider will not trip the trap.
 Re: A perl adaptation for querying http:BL
Author: B.Maciejewski   (27 Jul 07 10:59am)
Hello! Just to let you know I have been using a slightly modified version of this script to check comment spammers on my own (homebrew) site. Thanks for posting it - I didn't know how to access DNS from Perl, so this is a nice intro and useful to boot. I added an "else" clause to the if ($query) line and a check on the first octet being 127 (for error catching purposes), but it's more or less the same script as yours.
now just to have a means of submitting known spammers...
 Re: A perl adaptation for querying http:BL
Author: M.Prince   (30 Jul 07 2:06am)
We're thinking internally about ways in which we can create an API to allow people to submit known comment spammers. Obviously that comes with risks of the data becoming polluted. However, it's something we envision we'll do at some point in the future.
 Re: A perl adaptation for querying http:BL
Author: J.Struebig   (18 Jan 09 5:36pm)
I just wrote an Perl Modul for doin a request (before I found this thread), which is also translate the information.

Save this to a file named:
package Honeypot;

use Socket qw/inet_ntoa/;

my $dns = '';
my %types = (
0 => 'Search Engine',
1 => 'Suspicious',
2 => 'Harvester',
4 => 'Comment Spammer'
sub query {
my $key = shift || die 'You need a key for this, you get one at';
my $ip = shift || do {
warn 'no IP for request in Honeypot::query().';

my @parts = reverse split /\./, $ip;
my $lookup_name = join'.', $key, @parts, $dns;

my $answer = gethostbyname ($lookup_name);
return unless $answer;
$answer = inet_ntoa($answer);
my(undef, $days, $threat, $type) = split /\./, $answer;
my @types;
while(my($bit, $typename) = each %types) {
push @types, $typename if $bit & $type;
return {
days => $days,
threat => $threat,
type => join ',', @types


The usage is simple:

use Honeypot;
my $key = 'XXXXXXX'; # your key
my $ip = '....'; the IP you want to check
my $q = Honeypot::query($key, $ip);

use Data::Dumper;
print Dumper $q;

Post Edited (18 Jan 09 6:11pm)

do not follow this link

Privacy Policy | Terms of Use | About Project Honey Pot | FAQ | Cloudflare Site Protection | Contact Us

Copyright © 2004–21, Unspam Technologies, Inc. All rights reserved.

contact | wiki | email