Moral Combat: Video Games in our Culture vs. Anarchy Media’s WP Plugin

IE six has an incompatiblity with this post. If you get an error, go to the next page or try Maxthon2 or FireFox.

Doug Stewart had a good post about an upcoming video game documentary about the affect of video games in our culture. In this post, I show you that movie while demonstrating the use of a WordPress Multimedia plug in. You can also read about “Moral Combat” on the Apple Pro Video site (link).

TCC’s Moderate Specific Posts plugin

Louie Alfred Gomez asked a question on the WordPress Hacker’s list yesterday about the best way to moderate all comments on specific blog posts. He was hacking the core WordPress code, which all of you who have just updated know is a bad idea.

I whipped out this plugin to show him an alternate solution. If anyone else finds they might need this, I’ll add a configuration screen and turn it into a zip file
Here’s the source as is:
Continue reading TCC’s Moderate Specific Posts plugin

Blocking an IP Range using .htaccess

I’ve decided to block all traffic from all McColo Corporation users.

Not all are guilty I’m sure, but I just got hit by one of their customers called “Digital Infinity”, reportedly a Moscow based company.  I was crawled repeatedly by IP 12 IP addresses within the 208.66.195.1-208.66.195.20 range.  Now, <100mb of transfers isn't so much to loose over a couple days, but it's enough to catch my eye.  Looking up one of those IP addresses shows McColo Corporation has leased 208.66.195.1-208.66.195.15 to “Digital Infinity”.  However, several of the IP addresses that scanned me are within McColo Corporation generic pool.  I’ve also seen posts related McColo Corporation’s 208.66.192.* range being a major source of WordPress comment spam.

So, guys, you’re outta here.

I’m blocking them via .htaccess.  I suggest you might want to do the same for at least 208.66.195.1-208.66.195.20 if you’re feeling more charitable than I am this morning.

Since they have four groups of addresses, I add four lines to my .htaccess file.  As a whole, that section now looks something like this:

[html]

order allow,deny
deny from 208.66.192
deny from 208.66.193
deny from 208.66.194
deny from 208.66.195
allow from all

[/html]

I’m still here and working on new plugins…

It’s been nutso at work since I got back and I’ve been researching a new idea too. So, I’ve not had time for posting. But I will share with you some of what’s caught my attention.

I have two plug-ins I am working on. One is in the EARLY testing phase. It’s called No-More-404. It allows all of the permalink structures you used before to be handled and not present 404 errors. I would like it to present 301 (moved/redirect) messages and point you to the correct structure, but right now I haven’t found an elegant way of doing that. The plugin is toooo top heavy if I build in all of the routines I would need to use using the method I have right now. So, it looks like version 1 of the plugin will simply allow multiple permalink structures for the initial link to your site. Google frowns on that, but it is better than everyone getting 404 errors. After they click (or crawl)on another link, the new structure will be used. But it would be better if I could force it to the official structure.

I am also working on a DNSBL routine that may become a WP plugin or maybe a VB plugin as well. Basically it will block spams based up on the IP address used to send the message. It would be strange to have WP manage your spam, but as long as both VBulletin and WordPress have Cron ablities, it will work for someone that does not have shell access to their host.

But I ran across a technical problem yesterday and it vexed me. I think I have it solved though. Some of you may find this interesting so, I’ll provide part of the conversation I’ve had over at http://www.codingforums.com/showthread.php?t=89994. Besites I am soooo light on words lately…

PHP Imap_blah function to retrieve full Internet header


I’ll switch over to the pear library if need be, but I CANNOT believe the built in php functions don’t do what I want them to do.

I can use imap_header to get the basic "to" and "from" stuff in emails. They give the "typical end user" level of info about the origin of the email. However, what I want retrieve is the ip address of the smtp server that processed the email. That information is included in EVERY email and is available from IMAP servers (at least it is available to Outlook because you can right click on an email and choose options to see it).

I cannot find an IMAP_BLAHBLAHBLAH function that either returns this info or returns the full raw text of the message. I need the email’s Internet headers. This stuff:

Quote:

Return-Path: <tkuhnel@alushiptechnology.com>
Delivery-Date: Mon, 26 Jun 2006 23:53:47 -0400
Received-SPF: none (mxus6: 74.139.17.40 is neither permitted nor denied by domain of alushiptechnology.com) client-ip=74.139.17.40; envelope-from=tkuhnel@alushiptechnology.com; helo=Laskowski6;
Received: from [74.139.17.40] (helo=Laskowski6)
by mx.perfora.net (node=mxus6) with ESMTP (Nemesis),
id 0MKvMg-1Fv4dv28vt-0006m9 for *@thecodecave.com; Mon, 26 Jun 2006 23:53:47 -0400
From: "Adam Field" <tkuhnel@alushiptechnology.com>
To: <*@thecodecave.com>
Subject: RICARDO examined BENJAMIN of a please
Date: Tue, 27 Jun 2006 03:53:44 +0480
MIME-Version: 1.0
Content-Type: multipart/related;
type="multipart/alternative";
boundary="—-=_NextPart_000_006A_01C69962.9CE1DB50"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.2670
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2670
Message-ID: <0MKvMg-1Fv4dv28vt-0006m9@mx.perfora.net>
Envelope-To: *@thecodecave.com

But all I get from imap_headerinfo is this stuff :
$header=imap_headerinfo($mbox,
$num,
180, 180);
print_r($header);

Quote:

stdClass Object ( [date] => Tue, 27 Jun 2006 03:53:44 +0480 [Date] => Tue, 27 Jun 2006 03:53:44 +0480 [subject] => RICARDO examined BENJAMIN of a please [Subject] => RICARDO examined BENJAMIN of a please [message_id] => <0MKvMg-1Fv4dv28vt-0006m9@mx.perfora.net> [toaddress] => [to] => Array ( [0] => stdClass Object ( [personal] => [mailbox] => brian [host] => thecodecave.com ) ) [fromaddress] => "\"Adam Field\"" [from] => Array ( [0] => stdClass Object ( [personal] => "Adam Field" [mailbox] => tkuhnel [host] => alushiptechnology.com ) ) [reply_toaddress] => "\"Adam Field\"" [reply_to] => Array ( [0] => stdClass Object ( [personal] => "Adam Field" [mailbox] => tkuhnel [host] => alushiptechnology.com ) ) [senderaddress] => "\"Adam Field\"" [sender] => Array ( [0] => stdClass Object ( [personal] => "Adam Field" [mailbox] => tkuhnel [host] => alushiptechnology.com ) ) [Recent] => [Unseen] => [Flagged] => [Answered] => [Deleted] => D [Draft] => [Msgno] => 1 [MailDate] => 27-Jun-2006 03:53:47 +0000 [Size] => 12651 [udate] => 1151380427 [fetchfrom] => "Adam Field" [fetchsubject] => RICARDO examined BENJAMIN of a please )

The imap_body requests provide no more info with the default parameters.

I suspect the quotes I’ve provided here are more info than is needed for anyone that knows the answer, but I wanted to be clear about what I was asking.

So, how do I get that Received-SPF or Recieved info?

If this is not possible, is PEAR my best bet or do I have to go old school on this thing and communicate with it via FTP or telnet?

Input is appreciated!

A reply:

to find the SMTP address, would it not be as easy as extracting the hostname from the sender’s email address, and converting it to an IP address if necessary with gethostbyname() (http://us2.php.net/manual/en/function.gethostbyname.php)?

My Response:

Unfortunately, it is rarely that simple.

Take for example that address on the spam I quoted earlier. tkuhnel@alushiptechnology.com was used as the sender. However, that address is probably some innocent business man that had their email address plastered into several thousand spam emails.

Alushiptechnology.com evaluates to 62.233.142.37. That is very different from the address of the SMTP server that we see in the email 74.139.17.40. Additionally, since shared servers have become more common, it is not at all unusual for the SMTP server to be a common server – say smtp.lunarpages.com and the website url/email address to be on a totally different server like Support@codingforums.com.

So, unfurtunately, all things being equal, gethostbyname() is a good idea that won’t work in this situation. However, if we were to check on the IP address of the SMTP server, we can tell that it is blocked. Here is one of the places I would check: http://www.spamcop.net/w3m?action=ch…=74.139.17.40+

I’ll see if PEAR has a solution for me. But I still find it hard to believe that this info is not available from the built in functions that otherwise seem so robust!

If any of my readers have any other suggestions, your input would be much appreciated too!!!