Anti-Spam script Setup Guide

Anti-Spam Guestbook V2 - Setup Guide

Anit-Spam Guestbook Script
Version 2.0
COPYRIGHT @ 2005 by Aubrey Millard

How to set up the Script Variables

This script was created with the novice user in mind. If you use most of the defaults then you can configure this script in just a few minutes. The script and the way it displays is highly configurable, so it can be very unique if you want to play with the different formats. We will go into more detail as we go along. First we will look at getting the script running. After that we will get into the customization.

BEFORE you start to try to set up this script make sure you know the following things.
1. The location of PERL on your server ie. /usr/bin/perl or C:/perl/bin/perl.exe
2. the PATH to your website ie. /www/usr/myprofile/
3. The web address for the guestbook ie. http://www.somedomain.com/~mysite/guestbook.html
4. The PATH to where you will want to store the logs and filter files ie. /www/cgi-bin/mylogs/

Also
If you want to use the email options with this script you will need to know...
1. The mail program and it's location ie(Linux) /cgi-bin/sendmail or (Windows) C:/www/cgi-bin/blat.exe
2. Your email login information username/password (you can get this from your email client)
3. Your email server address and port. Again you can get this from your email client

OK, if you know or have handy the above information let's jump in.
I assume that you have the script downloaded and unzipped on your computer somewhere.
(If not go to the Downloads section and get it now)
In Notepad open up the file called asgb.pl. This is the script file that does all the work. BE VERY CAREFUL when editing this file!!!! If you accidently delete something as simple as a "; " it could cause the script to fail.

So now we have the script open in Notepad, here is what we should see.

#!C:/perl/bin/perl.exe
$|=1; 
# Anti Spam Guestbook
# Version 2.0  04/04/05
# (C) 2005 by Aubrey Millard aubrey@bushido.org
#
# This script is freeware and may be used and abused by you.
# (just leave me some credit).

This is the headder of the file. Anything with a # in front of it is just a comment and doesn't actually do (with some exceptions) anything but provide you the reader with some information. The code is heavily commented so feel free to browse through the script to see how PERL works....Just not right now, we have a script to set up!

The first line is VERY important.

#!/usr/bin/perl

This tells the script where to find the PERL executable. This is the line that can cause some users some real headaches. The #! must be there with NO spaces at the beginning!!

#!C:/perl/bin/perl.exe <== OK
#!C:/perl/bin/perl.exe <==NOT OK, has a space at the beginning

Ok, so lets go ahead and fill in the PERL path (Dont guess! Not every server is set up the same.)
Some examples:
#!C:/perl/bin/perl.exe <==Windows
#!/usr/bin/perl <== Linuix/Unix

Now we get to some of the variables that we have to set in order for the script to function properly.

set $HTML="NO" if you do not want users to be able to enter HTML tags
$HTML="YES";

Some spammers are getting wise to filters so they are opting to use images to clog your guestbook with. If you set $ALLOWIMAGES="NO" it will strip any image <IMG> tags from the entry.
$ALLOWIMAGES="NO";

$REDIRECT is the internet address of the page you would like the user to go to once the have hit the SUBMIT button. Most people just redirect the person back to the guestbook but you could use a Thank You page or whatever.
ie. http://www.myhomepage.com/cgi-bin/asgbv2.pl?1+10
Remember that when you call the script to view the guestbook you have to specify the page number and the number of entries to display.
$REDIRECT="http://www.myhomepage.com/cgi-bin/asgbv2.pl?1+10";

$GUESTBOOK is the file name for your guestbook file. You must give the filename including it's full path. ie www/users/myprofile/guestbook.txt
$GUESTBOOK="/www/users/foo/guestbook.txt";

#####################################################################
#                   EMAIL SECTION
# If you are on a windows based server you will have to configure
# the email settings a little differently. A linux/unix system is
# a little easier.
# BE SURE THE MAIL PROGRAM IS SET CORRECTLY BEFORE SETTING "YES" TO
# $SEND_THANKS or TELL_ME!
###################################################################


 $SEND_THANKS if "YES" will send the signer of the book a thank you
 note if they supplied a valid e-mail address. E-mail is sent to
 the value contained in "email"
   $SEND_THANKS="NO";

 $MY_EMAIL should be your e-mail address. This way people know where
 they get the thank you note from.  Be sure to put that \@ backslash
  before the AT sign!
   $MY_EMAIL="me\@somedomain.ca";

 If you make $TELL_ME="YES" and supplied a value for $MY_EMAIL,
 the script will notify you when somebody has signed your book.
   $TELL_ME="YES";
   
 $MAILPROGRAM is your system's e-mail program typically either
 /usr/lib/sendmail -t  or /usr/sbin/sendmail -t
 
 DON'T FORGET THE "-t", omitting it is a major source of script failure.
 For Windows 95/98/NT using BLAT.EXE, it might look like this:
 $MAILPROGRAM="C:/winnt/system32/blat.exe";
 
 If you have access to BLAT.EXE but dont have the access to modify it,
 Make sure you fill in all the fields below. If you are not sure of the
 settings you can get the information from your email program.
 $MAILPROGRAM="blat.exe";

 If you are using BLAT.EXE then set this to YES. If you are going to use
 sendmail then set it to NO.
  $USEBLAT="YES";
   
 Enter your email address here. This is the email address for the account
 that use the login and password below. It can be the same as the $MY_EMAIL.
  $FROM="foo\@bar.ca";

 Your email server and port (normally 25)
  $SERVER="smtp.somdomain.ca";
  $PORT="25";

 Your email login name and password.
  $USERNAME="foobar";
  $PWD="password";


 $TEMPDIR is a directory on your server where you have permission to
 write files that will be deleted when the script finishes running.
 ie. /cgi-bin/temp/ or /tmp/
 if it is the same directory where the script is then leave it blank.
   $TEMPDIR="/tmp";


                       MISC VARIABLES
 This is the URL to this script without the page number and entries.
   $SCRIPTURL="http://www.myhomepage.com/cgi-bin/asgbv2.pl";
     
 $MYDOMAIN contains your domain. ie. somedomain.com or www.somedomain.com
 it is used to check the link that calls this script. If the link is not
 in this domnain then the script will not run. Prevents someone else from
 running your guestbook from thier webpage.
   $MYDOMAIN="mydomain.ca";

 Required fields. enter the fields here that must not be blank when
 the user submits the entry. Each field name must be separated by a comma and
 surrounded by quotes. There MUST be atleast one field name.
 Available filed names are: "name","email","city","country","url","message"
    @REQUIRED=("name","message");


################################################################################
# ANTI SPAM CONFIGURATION
# The following items should be set in order to use the ANTI-SPAM
# features of this script.
# If the log files,word filter and ban files will be in the same directory as
# the script then you do not need to specify the path, only the filename.
################################################################################

 $MASKEMAIL="YES" will replace the . and @ signs in the address to fool
 most email spiders. Less spam email is a good thing :)
   $MASKEMAIL="YES";

 @ sign replacement if MASKEMAIL set to YES.
 (can be an image, © &copy; or "AT" or whatever)
  $ATSIGN="<img src=\"http://www.mydomain.ca/foo/at.jpg\" width=10 height=9>";

 . replacement in email addresses if MASKEMAIL set to YES.
 (can be an image, &middot; or "DoT" or whatever)
  $DOT="&middot;";

################################################################################
#                            BANS and FLAGS
################################################################################
 Using Bans, will permanently ban the offending ip address. If they try to post
 anything on the guestbook after being banned they will automatically be
 redirected to a different page and nothing will be written to the guestbook.
 if you set it to NO then no IP addresses will be banned (not recommended)
 if you set $USEBANS to NO but leave the $FLAG_ON_XXXXX  variables set to YES
 then if an entry is flagged it won't be banned but the user will be redirected
 to an error page and nothing will be written to the Guestbook.

 Setting $USEBANS and the $FLAG_ON_XXXXX  variables to NO will allow anything
 to be written to the guestbook.
 REALLY REALLY NOT RECOMMENDED!!!(unless you like spam)
    $USEBANS="YES";

 $FLAG_ON_LINKS will FLAG an entry if it contains more than $MAXLINKS
 links on the guestbook. (this does not include the url field)
 This will only count the links in the message field.
    $FLAG_ON_LINKS="YES";
    $MAXLINKS=2;

 $FLAG_ON_WORD_LEN will flag an entry that has more than $MAXWORDLEN
 characters in one word. It will help to stop losers who post crap like:
 dfglksdfg[dfkv[awkrmg]pggmslkfgm;sdlkfgmskg'slkg'aserfgsdgdfdhj
 If someone posts a legitimate but really long link like:
 http://www.reallylongdomainname.com/thisfolder/thatfolder/finally.html
 the routine will allow it because it has already gone through the other
 filters. A WORD is considered from space to space.
 ie " hello " AND " thankyou.When " are looked at as single words.
 So as you can see the "thankyou.When" only takes up 13 characters.
 Basically if you set MAXWORDLEN to 30-45 the only legitimate person
 who will get caught by it will be someone with a busted spacebar.
    $FLAG_ON_WORD_LEN="YES";
    $MAXWORDLEN=35;

 $CHAR_REPEAT_LIMIT Checks the frequency of a letter in a word.
 finds stuff like like "You SUUUUUUUUUUUUUUUUUUCK"
 This is only used if $FLAG_ON_WORD_LEN is set to YES
 Be careful how short you set this, you don't want to trap someone that said
 Helloooo, boy did I have a loooooong day.
 If you don't wan't to use this feature set $CHAR_REPEAT_LIMIT=0;
    $CHAR_REPEAT_LIMIT=8;
    
 $FLAG_ON_FILTER will flag any entry that contains any of the words in the
 filter word file. It will search ALL the fields, not just the message field.
    $FLAG_ON_FILTER="YES";

 File path for filtered words file.
   $WORDFILE="filter.txt";

 Ban List text file for storing banned IP addresses.
    $BANLIST="banlist.txt";

 Name and location of the Ban Log. This will contain the IP,
 email,URL and the flagged content.
 click here to see what a logfile looks like.
    $BANLOG="asgbbans.txt";
    
 Maximum number of Ban log entries. Dont use a high number here. Some spammers
 try to spam guestbooks with thousands of links. This could cause the banlog
 to get big quick! 25-100 entries should be enough.
    $MAXENTRIES=50;
    
 Maximum length of Guestbook message (number of characters)
 Set to 0 for unlimited (not recommended)
 Since people generally leave short messages on guestbooks, if you get a
 submission that is a few thousand characters long chances are they are
 spamming. Most people can say what they want in 1000 characters or less.
    $MAXLENGTH=800;

 Log errors. set to 1 to log errors or 0 to not write log.
 useful to help you debug the script.
    $LOGERROR=1;
    
 Error log file path and filename
    $ERRLOG="aserrlog.txt";

Thats pretty much it for setting up the variables. If you made it this far....well way to go!
Now all you have to do is set up the response messages and the HTML formats for your guestbook.

Back to Help

Next Messages