PyLink/docs/anti-spam-config.md

Regex filter and Flood

regex_filter is a plugin that runs every message passing through the relay through regex and flood protection. It uses PCRE2 as a drop-in replacement, utilizing its C bindings instead of Python's standard re library.

The regex filter simply drops messages and doesn't punish the user. AntiSpam can be used for blocking/banning, though the current implementation uses the standard re library and is likely less efficient.

This should give a good amount of control for relayed networks. Messages hit the more efficient regex+flood filter first, so spam and flood messages don't undergo any further processing. AntiSpam sees what's left over and is capable of OPER commands like blocking/banning/kick. AntiSpam can also use globs that can block phrases constructed with look-alike Unicode characters.

pattern_testing_tools.sh can be used to create a testing environment for regex patterns.

    regex_filter:
        enabled: true

        # File paths (relative to PyLink directory)
        blacklist_file: ./data/regex_blacklist.txt
        log_file: ./logs/regex_filter.log

        # Flood protection settings
        flood_window: 30           # Time window in seconds
        flood_threshold: 3         # Number of similar messages to trigger
        similarity_threshold: 0.8  # 80% similarity threshold

        # Logging options
        log_blocked: true          # Log blocked attempts

        # Auto-reload blacklist when file changes
        auto_reload: true

        # Debug logging (set to true for troubleshooting)
        debug: false

Upon running, it will create a /data directory and regex_blacklist.txt. Your regex_blacklist.txt contains one regex pattern per line:

\b(?:spam|phishing|malware)\b
\bhttps?://(?:bit\.ly|tinyurl\.com|t\.co)/\w+\b

Changes to regex_blacklist.txt will cause the plugin to reload and recompile the patterns.
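
A sketch of how the blacklist and the three flood settings above interact, added here as an illustration and not the plugin's own code. It uses Python's standard re instead of PCRE2 and assumes per-sender history and difflib's SequenceMatcher ratio as the similarity measure; load_patterns and RelayFilter are hypothetical names.

```python
import re
import time
from collections import deque
from difflib import SequenceMatcher

# Constructed sample blacklist: the two patterns shown on this page, one per line.
SAMPLE_BLACKLIST = r"""
\b(?:spam|phishing|malware)\b
\bhttps?://(?:bit\.ly|tinyurl\.com|t\.co)/\w+\b
"""

def load_patterns(text):
    """Compile one pattern per line; collect bad patterns instead of crashing on reload."""
    compiled, errors = [], []
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line:
            continue
        try:
            compiled.append(re.compile(line))
        except re.error as exc:
            errors.append((lineno, str(exc)))
    return compiled, errors

class RelayFilter:
    # Defaults mirror the config above; per-sender tracking is an assumption.
    def __init__(self, patterns, flood_window=30, flood_threshold=3, similarity_threshold=0.8):
        self.patterns = patterns
        self.window = flood_window
        self.threshold = flood_threshold
        self.similarity = similarity_threshold
        self.recent = {}  # sender -> deque of (timestamp, text)

    def check(self, sender, text, now=None):
        """Return 'regex' or 'flood' if the message should be dropped, else None."""
        now = time.time() if now is None else now
        if any(p.search(text) for p in self.patterns):
            return "regex"
        history = self.recent.setdefault(sender, deque())
        while history and now - history[0][0] > self.window:
            history.popleft()  # expire entries older than flood_window
        similar = sum(1 for _, old in history
                      if SequenceMatcher(None, old.lower(), text.lower()).ratio() >= self.similarity)
        history.append((now, text))
        # The current message counts toward flood_threshold.
        return "flood" if similar + 1 >= self.threshold else None
```

Passing an explicit `now` makes the window behaviour reproducible when trying out settings; the errors list from load_patterns shows which blacklist line failed to compile.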

AntiSpam

AntiSpam is a bot that can be configured in pylink.yml. It can issue punishments for mass highlighting attacks and bad word combinations.

For selected channels:

    servers:
        <server name>:
            antispam_channels: ["#channel1", "#channel2"]

Then, under the antispam block:

    antispam:
        exempt_level: halfop  # halfop/voice/op
        strip_formatting: true
strip_formatting = true

Punishment

If using a clientbot, it will only be able to carry out punishments that it has access to. If it has op, it can kick, for example. Not all IRCds support quiet. Separate punishments with "+":

punishment: kill+kick+ban+quiet+block

Masshighlight

Example config

    enabled: true
    punishment: kick+ban
    reason: "Mass highlight spam is prohibited"
    min_length: 50
    min_nicks: 5

Textfilter

The original version supported only globs in the config. Now both globs and regex can be used.

The textfilter will deal a punishment and prevent the message from being sent to other servers.

    enabled: true
    punishment: kick
    reason: "Spam"

It can also filter PMs to prevent DM abuse; this is disabled by default.

Options: false, services, all

false disables it, services checks only messages sent to services, and all also checks messages sent to relay users.

watch_pms: false

Server specific lists of bad strings can be enabled with:

servers::<server name>::antispam_textfilter_globs

In pylink.yml, globs are quoted. To use a regex in the text filter, leave it unquoted so it is interpreted as a literal, and add ::re:: to the beginning as shown:

textfilter_globs:
- "bad word"
- "*bad word*"
- ::re::(?i)(.*)(banned)(.||)(website)(.*)

partquit

This filters part/quit messages.

It can be set per network:

servers::<server name>::antispam_partquit

Set the reason:

    part_filter_message: Reason filtered
    quit_filter_message: Reason filtered

Set which messages are filtered:

    partquit_globs:
        - "*closed*"
        - "*left*"
        - "*joined*"