added URI blacklist lookups to allow scaling beyond the domain list s…

…ize limit

README.md

@@ -7,9 +7,11 @@ This plugin was originally created by [Amiya Sahu][1].
 ## Features
 
 * Block some user names from being registerd on the site (e.g. xxx, owner, spammer, virus, ...).
-* Block undesired email domains (e.g. example.org, foo.example.com, ...) and/or all of their subdomains (e.g. .example.org, .foo.example.com, ...). Note that .foo.example.com (with a leading dot) blocks all subdomains of foo.example.com (like bar.foo.example.com and some.other.sub.foo.example.com), but not foo.example.com itself, whereas foo.example.com (without a leading dot) blocks only the domain itself, but none of its subdomains.
+* Block undesired email domains (e.g. example.org, foo.example.com, ...) and/or all of their subdomains (e.g. .example.org, .foo.example.com, ...). Note that .foo.example.com (with a leading dot) blocks all subdomains of foo.example.com (like bar.foo.example.com and some.other.sub.foo.example.com), but not foo.example.com itself, whereas foo.example.com (without a leading dot) blocks only the domain itself, but none of its subdomains.  
+  Note that this list is limited to 12000 characters. If you're hitting that limit (which I did) you may want to consider using a URI (DNS) blacklist (see below) for regular domain blocking and leave only subdomain blocking entries in this list.
 * Domain blocking can be configured for either blacklist mode (allow all domains/subdomains except the ones listed) or whitelist mode (allow only listed domains/subdomains). Default is blacklist mode.
 * Block undesired email addresses by regular expression match (e.g. Gmail addresses with more than 3 dots in their localpart: `(\..*){4,}@gmail\.com$`).
+* Block undesired email addresses by URI blacklist lookup (e.g. black.uribl.com). If you're familiar with operating a DNS server I recommend running your own URI blacklist. If you're using a third party service it's recommended to have the local DNS resolver on your Q2A server cache lookup results, so that the blacklist service doesn't get flooded.
 * Prevent users from changing their email address.
 * prevent users from changing their username.
 

qa-registration-blocker-lang-default.php

@@ -39,4 +39,6 @@
   'username_not_allowed'           => "This username is not allowed",
   'not_allowed_to_change_email'    => 'You are not allowed to change your email',
   'not_allowed_to_change_username' => 'You are not allowed to change your username',
+  'uribl'                          => 'URI Blacklists',
+  'uribl_note'                     => 'Validate e-mail domain against these URI blacklists (eg black.uribl.com, one per line)',
 );

qa-registration-blocker-options.php

@@ -33,6 +33,7 @@ class qas_ubl_opt {
   const BANNED_EMAIL_ADDRESSES      = 'qas_ubl_banned_email_addresses';
   const BANNED_EMAIL_REGEX          = 'qas_ubl_banned_email_regex';
   const WHITELIST_MODE              = 'qas_ubl_whitelist_mode';
+  const URIBL                       = 'qas_ubl_uribl';
   const DONT_ALLOW_TO_CHANGE_EMAIL  = 'qas_ubl_dont_allow_ch_email';
   const DONT_ALLOW_TO_CHANGE_HANDLE = 'qas_ubl_dont_allow_ch_handle';
 }

qa-registration-blocker.php

@@ -40,6 +40,7 @@ public function admin_form(&$qa_content) {
       qa_opt(qas_ubl_opt::WHITELIST_MODE, (int) qa_post_text(qas_ubl_opt::WHITELIST_MODE));
       qa_opt(qas_ubl_opt::BANNED_EMAIL_ADDRESSES, qa_post_text(qas_ubl_opt::BANNED_EMAIL_ADDRESSES));
       qa_opt(qas_ubl_opt::BANNED_EMAIL_REGEX, qa_post_text(qas_ubl_opt::BANNED_EMAIL_REGEX));
+      qa_opt(qas_ubl_opt::URIBL, qa_post_text(qas_ubl_opt::URIBL));
       qa_opt(qas_ubl_opt::DONT_ALLOW_TO_CHANGE_EMAIL, (int) qa_post_text(qas_ubl_opt::DONT_ALLOW_TO_CHANGE_EMAIL));
       qa_opt(qas_ubl_opt::DONT_ALLOW_TO_CHANGE_HANDLE, (int) qa_post_text(qas_ubl_opt::DONT_ALLOW_TO_CHANGE_HANDLE));
       $saved = true;
@@ -51,6 +52,7 @@ public function admin_form(&$qa_content) {
       qas_ubl_opt::WHITELIST_MODE              => qas_ubl_opt::PLUGIN_ACTIVE,
       qas_ubl_opt::BANNED_EMAIL_ADDRESSES      => qas_ubl_opt::PLUGIN_ACTIVE,
       qas_ubl_opt::BANNED_EMAIL_REGEX          => qas_ubl_opt::PLUGIN_ACTIVE,
+      qas_ubl_opt::URIBL                       => qas_ubl_opt::PLUGIN_ACTIVE,
       qas_ubl_opt::DONT_ALLOW_TO_CHANGE_EMAIL  => qas_ubl_opt::PLUGIN_ACTIVE,
       qas_ubl_opt::DONT_ALLOW_TO_CHANGE_HANDLE => qas_ubl_opt::PLUGIN_ACTIVE,
     ));
@@ -62,6 +64,7 @@ public function admin_form(&$qa_content) {
       $this->get_whitelist_mode(),
       $this->get_banned_email_address_field(),
       $this->get_banned_email_regex_field(),
+      $this->get_uribl_field(),
       $this->get_dont_allow_email_field_change(),
       $this->get_dont_allow_handle_field_change()
     );
@@ -87,6 +90,8 @@ public function filter_email(&$email, $olduser) {
     $topdomains     = Array();
     $subdomains     = Array();
 
+    $uribl          = explode("\n", qa_opt(qas_ubl_opt::URIBL));
+
     foreach ($all_domains as $domain) {
       if (substr($domain, 0, 1) === '.') {
         $subdomains[] = $domain;
@@ -106,6 +111,11 @@ public function filter_email(&$email, $olduser) {
         return $this->translate('email_domain_not_allowed');
       }
     } else {
+      foreach ($uribl as $bl) {
+        if (preg_match('/^127\.0\.0\.[0-9]+$/', gethostbyname("${email_domain}.${bl}"))) {
+          return $this->translate('email_domain_not_allowed');
+        }
+      }
       if (in_array($email_domain, $topdomains)) {
         return $this->translate('email_domain_not_allowed');
       }
@@ -248,6 +258,18 @@ private function get_banned_email_regex_field() {
     ));
   }
 
+  private function get_uribl_field() {
+    return array(array(
+      'id'    => qas_ubl_opt::URIBL,
+      'label' => $this->translate('uribl'),
+      'note'  => $this->translate('uribl_note'),
+      'tags'  => 'name="' . qas_ubl_opt::URIBL . '"',
+      'value' => qa_opt(qas_ubl_opt::URIBL),
+      'type'  => 'textarea',
+      'rows'  => 5,
+    ));
+  }
+
   private function ends_with_any($str, $matches) {
     foreach ($matches as $match) {
       $length = strlen($match);