I suggested some sort of spam-filter being built into the next version of Bahamut to Kobi Shmueli during our conversation last week. A problem that arose was that it would be moderating IRC, which is what DALnet is not aiming on doing. However, I was trying to think of a new solution and came up with a list of defined phrases in a centralized location, so that all IRC servers on the network can access the same file, and a spam-filter module on the IRC daemon, if a user says a phrase that matches a phrase listed in the file then it sends a global warning to all operators, or operators on the server that the user is connected to warning them of a possible spammer. This wouldn't be considered moderating IRC, it is just giving IRC operators on the network an aid to work on combatting the problem of spam and advertising on the network. My original suggestion was when a user says a phrase that matches a phrase listed in the file then the user gets auto-killed off the network. The problem with this would be quite a quantity of innocent users would be getting auto-killed from the network, which at the end of the day is only creating more work than is currently needed. However, James I like you're suggestion, it is similar (yet a bit more complex) than mine. I definitely think that a solution like either mine or yours has to be implemented on DALnet sometime soon, spam and advertising is very high on the network, which is not unusual for such a large network like DALnet, but at the same time, something should be done to combat it, for the users. Regards. On 1 May 2009, at 02:03, James Hess wrote:
It would be easier but there are a lot of users who don't have a registered nick and probably don't want one either. They just want to chat and we shouldn't take that away from them. -Kobi_S.
Yes, and they have friends to who they may want to talk with. Blocking those messages by default may hurt a lot of people. I suggest making a +S mode for spamfilter. Which will block messages based on a list of flexible criteria, and based on the user's "history", i.e. reputation of their ip address.
The problem is this reputation can't merely be stored on one server, all servers need immediate access to it; it needs to apply to all the IP address' IRC sessions, and needs to persist, even if they reconnect (otherwise spammers will /reconnect to reset their reputation).
And exempt registered, identified users get excluded from being blocked based on 'reputation'. A database of IP addresses should be held on the servers to reflect on the "reputation" of a non-registered user's IP.
I suggest a RDBM be used here. When a user connects, IRCD makes an asynchronous DB request for the IP address's "reputation" data; which is then cached somewhere in their user structure and re-synced at random (but long) intervals.
As long as their IRC session is still open there should be a 'session' entry in the database, and a separate "persistent" entry. When an IRC session is closed, and at prescribed intervals, the "persistent" entry is updated and session stats are cleared. The user's stats at any moment are the sum of all 'session' stats and the persistent stats.
DB Performance would need careful consideration. Possible elements of reputation score:
x How old is the reputation info? (old info is meaningless) x How many total private /MSG commands has the IP issued in the past 72 hours? x How many did they receive from users of high reputation (and identified users), and what's the SENT:RECEIVED ratio? (People that get a lot of messages are conversing, not spamming) x Other commands to track usage on: private /NOTICE, /JOIN, /INVITE x After removal of color codes and non-printables: x How many /MSGs did the user send that contain "http://" in them? x How many /MSGs did the user send that contain "//" in them? x How many /MSGs did the user send that contain "/eval" in them? x How many /MSGs did the user send that contain "/join" in them? x How many /MSGs did the user send that contain "/server" in them? x How many /MSGs did the user send that were blocked?
I suggest adding a /REPORTSPAM <nick> command which increments a "spam reported" reputation counter and effects their reputation score.
But if the target has not sent a private /MSG/NOTICE/INVITE in the past 2 minutes, or recipient had not received a private /MSG/NOTICE/INVITE from anyone since their last /REPORTSPAM, the reporter's reputation is penalized with a "bad report" count (negating all further spam reports from the ip for 24 hours).
-- -J _______________________________________________ DALnet-src mailing list DALnet-src@lists.dal.net https://lists.dal.net/mailman/listinfo/dalnet-src