Additional factors for evaluating spam activity IP / Email addresses in the Anti-Spam / Anti-Fraud API
CleanTalk Cloud Anti-Spam in the process of work, collects data on spam activity IP / Email addresses. Based on this data, a spam IP / email database is formed. CleanTalk provides several API methods for working with the data we have.
Recently, we added new parameters in the spam checking method and launched two new method APIs:
But first things first.
Obtaining a letter of the country code by IP address .
This API method returns a two-letter country code (US, UK, CN, etc.) or the full name of Russia by IP address. Learn more about using the ip_info method .
')
Checking the domain for participation in spam ezines .
Allows you to check if this domain has been used in spam mailings. At the moment, the CleanTalk database contains records of 1,383,062 domains.
For example, you have a comment, it is on the topic of the article, with quite meaningful text and does not arouse suspicion, but contains a link to a third-party site. We check the links and find out that the domain is listed in the database, the links were placed on other web sites and the date of their placement approximately coincides with the date of the comment. It turns out that the comment was used to post a link to a third-party resource.
Using this method is useful in recognizing manual spam when all other checks have been passed.
You can check the blacklists manually on the site
Learn more about using the backlinks_check method .
Update for spam_check method .
The method allows you to massively check IP / email on the basis of CleanTalk blacklists. At the moment, the database contains records of 2,808,344 IP and 9,990,835 Email. The same method allows you to check the IP on a specific date.
In addition to the main parameter, as a result of the output, indicating the presence or absence of the database, additional parameters were added:
spam_rate - spam activity rating from 0 to 100%. The parameter is calculated for each IP or email record, as a ratio of blocked requests, to the total number of requests from this IP or email. As an example, IP has a total of 100 requests, of which the service blocked 97 requests as spam, so spam_rate will be 97%.
Why this is important, it gives you the opportunity to establish your own request blocking logic. Since IP spammers change and at the moment it may belong to a regular user.
The following options:
Each parameter shows the activity of the checked data for the last 10 minutes, 1 hour and 24 hours, respectively. Those. shows the number of requests for a specific time from a specific IP or email. This is useful in cases where IP or email does not yet have BlackListed status in the database, but have a fairly high activity in a short time. About what other parameters you can use to protect against spam, you can read in our previous articles:
Non-visual methods to protect the site from spam Part 1
Non-visual methods to protect the site from spam Part 2
Non-visual methods to protect the site from spam. Part 3
Sample API data output for test email s@cleantalk.org. This email is intended for tests, therefore in the parameter “updated”: “2019-03-28 22:07:19” there is such a date.
Learn more about using the spam_check method.
Recently, we added new parameters in the spam checking method and launched two new method APIs:
- the first one is getting the letter code of the country by IP address
- the second - check the domain for participation in spam ezines
But first things first.
Obtaining a letter of the country code by IP address .
This API method returns a two-letter country code (US, UK, CN, etc.) or the full name of Russia by IP address. Learn more about using the ip_info method .
')
Checking the domain for participation in spam ezines .
Allows you to check if this domain has been used in spam mailings. At the moment, the CleanTalk database contains records of 1,383,062 domains.
For example, you have a comment, it is on the topic of the article, with quite meaningful text and does not arouse suspicion, but contains a link to a third-party site. We check the links and find out that the domain is listed in the database, the links were placed on other web sites and the date of their placement approximately coincides with the date of the comment. It turns out that the comment was used to post a link to a third-party resource.
Using this method is useful in recognizing manual spam when all other checks have been passed.
You can check the blacklists manually on the site
Learn more about using the backlinks_check method .
Update for spam_check method .
The method allows you to massively check IP / email on the basis of CleanTalk blacklists. At the moment, the database contains records of 2,808,344 IP and 9,990,835 Email. The same method allows you to check the IP on a specific date.
In addition to the main parameter, as a result of the output, indicating the presence or absence of the database, additional parameters were added:
spam_rate - spam activity rating from 0 to 100%. The parameter is calculated for each IP or email record, as a ratio of blocked requests, to the total number of requests from this IP or email. As an example, IP has a total of 100 requests, of which the service blocked 97 requests as spam, so spam_rate will be 97%.
Why this is important, it gives you the opportunity to establish your own request blocking logic. Since IP spammers change and at the moment it may belong to a regular user.
The following options:
frequency_time_10m
frequency_time_1h
frequency_time_24hEach parameter shows the activity of the checked data for the last 10 minutes, 1 hour and 24 hours, respectively. Those. shows the number of requests for a specific time from a specific IP or email. This is useful in cases where IP or email does not yet have BlackListed status in the database, but have a fairly high activity in a short time. About what other parameters you can use to protect against spam, you can read in our previous articles:
Non-visual methods to protect the site from spam Part 1
Non-visual methods to protect the site from spam Part 2
Non-visual methods to protect the site from spam. Part 3
Sample API data output for test email s@cleantalk.org. This email is intended for tests, therefore in the parameter “updated”: “2019-03-28 22:07:19” there is such a date.
{"data": {"s@cleantalk.org": {"appears":1, "frequency_time_10m":null, "spam_rate":"0", "frequency":"999", "frequency_time_24h":null, "updated":"2019-03-28 22:07:19", "frequency_time_1h":null} } } Learn more about using the spam_check method.
Source: https://habr.com/ru/post/350032/
All Articles