From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <ammarfaizi2@gnuweeb.org>
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on gnuweeb.org
X-Spam-Level: 
X-Spam-Status: No, score=-2.2 required=5.0 tests=ALL_TRUSTED,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,NICE_REPLY_A,URIBL_BLOCKED
	autolearn=ham autolearn_force=no version=3.4.6
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gnuweeb.org;
	s=default; t=1688630723;
	bh=UzpG8hPW0jHoWqoj4UDdyuDraolQz5LutWPGj2UtPYo=;
	h=Date:Subject:To:References:From:In-Reply-To;
	b=Tixgh+PupvlwMdTKOUXhfjVk9lxdIr4GpYsp0YzrPiFQaY+OWIAZr49z7d83mzrA6
	 nVXRuRa0aVSuiFpq5GKFcosnMsJzN1v9gWJgvDDFjVssFj3wRZnOQ0gi3KxlC11mvW
	 /azw7RL1+UJqKlJqIogFd/yb9/vkmcq4Y7qlC6HIut9+COEEqCzCzd6TIqENonks6/
	 DwQkRKufOJBMfcILuBTCFnLepoLQX20FmtBeYXtAmXwdVSLmMsEzc8C84BGs9eBL5l
	 aRWpsbXg2WJzNLKbTLSjGA5HZAyfMGasxmsxjSQtc9j/8+Kgpa58QIkVHoSWPxLHau
	 u5ZgZ2xD/nOug==
Received: from [10.20.0.2] (unknown [182.253.126.105])
	by gnuweeb.org (Postfix) with ESMTPSA id C401323FD9D;
	Thu,  6 Jul 2023 15:05:21 +0700 (WIB)
Message-ID: <9a7d7ec3-4885-5d3e-70c7-78a1ea4e6b26@gnuweeb.org>
Date: Thu, 6 Jul 2023 15:05:18 +0700
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101
 Thunderbird/102.11.0
Subject: Re: Ammar, we have awesome remote U.S. software engineering job
 opportunities waiting for engineers like you!
Content-Language: en-US
To: "Turing - U.S. Software Jobs" <noreply+14@turing.pe>, gwml@gnuweeb.org
References: <DUBHVSwDT5iLD0p2u_kBhw@geopod-ismtpd-5>
From: Ammar Faizi <ammarfaizi2@gnuweeb.org>
In-Reply-To: <DUBHVSwDT5iLD0p2u_kBhw@geopod-ismtpd-5>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
List-Id: <gwml.vger.gnuweeb.org>

It's like 7th times I've asked Turing to stop sending spam to
our mailing list. I've even blocked the turing.com domain, but
now it comes with a new domain to bypass my blocking.

Let's see if the following patch is capable of blocking all their
spam robots.

diff --git a/bin/public-inbox-tg.php b/bin/public-inbox-tg.php
index 2e611ec..08753cb 100644
--- a/bin/public-inbox-tg.php
+++ b/bin/public-inbox-tg.php
@@ -133,6 +133,29 @@ function clean_header_val(string $str): string
  
  function fx(string $input): int
  {
+       $hdr = explode("\n\n", $input, 2);
+       $hdr = trim($hdr[0]);
+       if (!preg_match("/(?:^|\\n)from:\s+?(.+?)(?:\\n\S+\:|$)/si", $hdr, $m)) {
+               $err = "Cannot get the \"from\" line";
+               goto out;
+       }
+       $from = clean_header_val($m[1]);
+
+       if (preg_match("/\\@turing\\.[\\w\\d\\.]+$/", $from)) {
+               /**
+               * Drop any email from turing.bla domain
+               * where 'bla' can be anything. Note that
+               * it was not enough to block turing.com
+               * because their spam system has started
+               * expanding to other TLDs (not only .com).
+               */
+
+               // Bounce the email.
+               printf("x: The MDA detected /\\@turing\\.[\\w\\d\\.]+$/ pattern and it's globally recognized as spam. The email cannot be delivered. Thank you!\n");
+
+               exit(1);
+       }
+
         $tmpName = "/tmp/".date("Y_m_d_H_i_s_").rand().microtime(true).".txt";
         file_put_contents($tmpName, $input);
         shell_exec("/usr/local/bin/public-inbox-mda < {$tmpName}");



-- 
Ammar Faizi