[Mediawiki-l] Enhancements to SpamBlacklist extension

[Rick DeNatale]

After the rash of wikispam attacks on mediawiki sites a week or two
ago, I started playing with the SpamBlacklist extension.  I've got a
comment and a couple of contributions.

1) I'm not sure if there is a bug here or not. When I first set the
extension up I put the blacklist file downloaded from meta first in
$wgSpamBlacklistFIles followed by my own Spam blacklist article. For
some reason it never saw my article. Reversing the order fixed this. 
I didn't try to analyse this any further.

2) I wrote a linux(bash) shell script which converts the blacklist
downloaded from chongqed.org to theformat expected by the extension. 
I documented this in meta
(http://meta.wikimedia.org/wiki/SpamBlacklist_extension)

3) Someone asked on this list how we would know how effective this and
other measures are.  During my debugging of the first problem, I
modified the code to e-mail me when the trap was sprung. I tested by
deliberately trying to introduce spam links when I did this a week or
so ago.  After being quiet since then, I was notified by e-mail about
several attempts in the wee hours last night.  I've since cleaned up
and generalized the code to allow others to use this.  It introduces a
new global $wgSpamBlacklistMonitors which is an array of email
addresses to be notified when the blacklist is tripped. The email is
sent from $wgEmergencyContact and includes the username and ip address
of the suspect, the link which triggered the blacklist and the full
text which the suspect was trying to save.  While this might be a bit
much for a big site like wikipedia, it would probably be useful for
smaller sites like mine.

Here are my changes in patch format against the current CVS versions:

diff README.new README (CVS version 1.1)

24,30d23
< $wgSpamBlacklistMonitors is an optional array, each value is a string
< containing the email address of someone who will be notified by email (from 
< the email address contained in $wgEmergencyContact) whenever the SpamBlacklist
< is triggered. The email body will contain the string which matched
the reg exp,
< the user name and ip address of the user attempting to save the article, and
< the full text which the user attempted to save.
< 
41,44d33
< $wgSpamBlacklistMonitors = array(
< 	"spamhandler at myWikiDomain.com",
< };
< 

diff SpamBlacklist.php.new SpamBlacklist  (CVS version 1.1)
4a5
> 
11d11
< $wgSpamBlacklistMonitors = array();

diff SpamBlacklist_body.php.new SpamBlacklist_body.php (CVS version 1.7)

48a49
> 
53,54d53
< 
< 
59d57
< 
61d58
< 
87d83
< 
91,100c87,88
< 			  global $wgUser, $wgIP, $wgSpamBlacklistMonitors,$wgEmergencyContact;
< 			  $userName = $wgUser->getName();
< 			  $artTitle = $title->getFullText();
< 			  foreach ($wgSpamBlacklistMonitors as $recipient) {
< 			    mail ("$recipient","Alert from SpamBlacklist.php", 
< 				      "SpamBlacklist caught $matches[0] by $userName from
$wgIP\n\nArticle title=$artTitle\n\n$text",
< 				      "From:$wgEmergencyContact");
< 			  }
< 			  EditPage::spamPage( $matches[0] );
< 			  $retVal = true;
---
> 				EditPage::spamPage( $matches[0] );
> 				$retVal = true;