3

I'm creating a newsletter feature that will allow users to send emails. Since there are malicious people out there who would want to send spam, I'm wanting to be able to check and see if the message created is spam or not.

I've looked at a couple different methods like trying spam assassin but you need the full email which I won't have until later. Or you need to install some other utilities like spamd, but I'm looking for a php class that does this for me anyone know of anything? Or am i stuck having to install some command line app that does this?

Ideally something easy like this:

$spamChecker = new SpamChecker();
$message =  "Free Credit report, blah blah, I am spam! Detect me if you dare!";
if($spamChecker->isSpam($message)) {
    echo "You are a spammer!";
} else {
    echo "you are my friend";
}
SeanDowney
  • 17,368
  • 20
  • 81
  • 90

3 Answers3

2

Quite possibly the best service for filtering spam is Akismet. Akismet is quite widely used. It is included by default with Wordpress. I personally use it for my own site if that lends any credibility to Akismet. They also have many pre-made plugins/scripts for various server-side languages.

  • @SeanDowney Akismet is only a paid service if you have a very large website or one that is commercial. It is basically free to your run of the mill web sites. –  Jan 15 '11 at 22:10
  • @SeanDowney Also, if you use and it and really feel endeared to Akismet but use it for free there is even a donation option. –  Jan 15 '11 at 22:12
  • Akismet is a good option, although they are slow on development (still no way to check your monthly spam/ham quota with paid accounts ???). I've explored http://mollom.com/ before and found them at least as good as akismet. Might want to check them out too. – ChrisR Jan 15 '11 at 22:37
  • 1
    @ChrisR With a little custom code w/ a database you can keep track of whatever you want. –  Jan 15 '11 at 23:12
  • 1
    @Glenn correct, but in our case without building a wrapper webservice it's quite hard to keep track of our akismet integration in over a dozen sites. It wouldn't hurt their service if you could log in somewhere to get some usage statistics. – ChrisR Jan 17 '11 at 08:37
1

I would have the following line of protection:

1. authentication.

  • First authenticate user using something like for example lightopenid. When you use google as openid provider for instance then you have a very good chance that the users isn't a spammer, because they take measures against spammers.

2. Akismet/Sblam

  • Like glenn pointed out you can use akismet which is free for personal sites. Or you could try sblam which is free to use.

3. Captcha

  • You could back the mailinglist up by captcha for even further protection.

4. authorization.

  • Ban openid urls which spam.
Community
  • 1
  • 1
Alfred
  • 60,935
  • 33
  • 147
  • 186
1

spam assassin but you need the full email which I won't have until later

Nonsense - there's nothing to stop you using spamassassin to process arbitary data - its just that nobody would bother documenting how to do this. You don't even have to mess about with dummy headers - just pipe it through spamc and check the return code.

However you're just going to be a target for spammers unless you're very careful about establishing the credentials of your users - and that at least means checking for a valid email address - and if they have a valid email address, why would they use your service?

symcbean
  • 47,736
  • 6
  • 59
  • 94