Reaching milestones for SpamAssassin and DNS editor

There are several side projects going on right now. One of the completed “milestones” is the SpamAssassin configurator that was finalized today. For a few hours ago, we’ve started to work on a DNS editor, that makes it possible to update entries into two of our master DNS-servers. This is another milestone as much of the changes today are being made manually with regular zone files. We’ll still go that way, but in a near future, it will be possible to update records live. This work might speed up our DNS Blacklist a bit, which might give us a chance to live update both the primary master server and the second backup without hourly reloading. The DNS API was besides of this not even planned – it was “just a test” to see if it was possible and suddenly, there was an almost complete interface for it in the API.

Any plugins?

Yes, there was recently a minor release of the DNSBL WordPress-plugin also (not a milestone), but the release was too small to set up a whole post for it. But here goes, 2.0.6 gave us one minor update, as we had problems with blacklisted users requesting for delisting in the delisting-page comment fields. Those fields are less checked than the support mailbox, so the patch was based on removing comment abilities in the removal page as an option in the admin configuration.

  • [DNSBLWP-49] – comments_open has a problem that might open for comments again, if other plugins has it disabled

Portals Update

Tornevall Networks are now live with following upgraded platforms:

  • Primary Portal and components
  • AUTHv4
  • DNSBL

Primary portal and components

Site changed to what was supposed to be TornevallWEB v6. As many visitors already seen, we’ve left the API-WEB creation to speed up projects that is more important to fix, than sites that requires too much time and work too finish. Therefore, most of the site is now in the root based on WordPress and all API integrations are being primarily made with this platform. In the same time, we win a community compatible platform. However, WordPress is not the only part built here.

First of all https://tornevall.net has now become https://www.tornevall.net to somehow support a standard webaddress naming. It is used to comunicate news and happenings, whatever that might be. Besides of this, there is a community forum located under https://www.tornevall.net/portal. The purpose with this forum is supposed to be supportive when there are bigger needs of communication. This is still a work that has to be processed a bit more.

The DNSBL removal tool used on this site is currently completely based on WordPress and available for download here. Just remember, to get everything like delisting etc to work, it is important to have an API key (read below).

Things that is built around the portals has a base tracker here.
The WordPress plugin has its own tracker here with the development source code here.

AUTHv4.0

This is a replacement of the less known site AUTHv3, which was supposed to host API based configuration. That project, aswell as the main portal, became too big. So in the same way, this site is built around WordPress. However, the big difference here – compared to the primary above – is that this authentication service also serve other users (meaning, it is possible to register an account there, to get API keys etc). So, to get API keys that handles DNSBL requests, this is the place to be. This service is a frontend gui to APIv3.

DNSBL ending phase

We’re about to finish the long work of WP-DNSBL v2.0.0 which is a WordPress based plugin that will from this new release support and run with TorneAPIv3. APIv3 has much better documentation of how to use the DNSBL API (here). From this release, the API can also be configured via TorneAUTH v4, which will be located on https://auth.tornevall.net very soon, where API keys can be created automatically. All this together is planned to be a huge facelift (so the forum will hopefully also be updated in the same time and work as an extra support for the portal visitors).

Finishing this plugin has been very welcome by both me and other visitors, that during a long period have had a lot of problems with delisting themselves from the blacklist. For the moment, much of this is handled manually when the standard dnsbl site does not coorporate with us.

Changes

  • One big update for the new interface is that visitors can do CIDR-lookups (to see their entire network from a blacklist perspective).
  • Another update is that it should be more user friendly. Instead of impossible interfaces, there will be a raw, plain POST-form, with captcha support so system admins can run their delisting requests from another computers (where console is not supported)
  • The delisting and blacklist views are handled from a wordpress plugin, which means it might not be necessary to use the regular dnsbl server for delistings. By requesting special permissions, other servers might be able to communicate with the remote API too
  • The API is documented with more details than APIv2 was. This also means that own implementations of the DNSBL is made easier
  • Since we’re using a plugin for this, protecting admins from being banned from their own site is extra important
  • All bugs from DNSBLWP v1.x is hopefully fixed and removed

A complete CHANGELOG of what’s been fixed will be released soon. If you can’t wait for a status update you can take a look here. If you feel that something is missing, feel free to join the project and add requests!

When all this is done, there will be a whole new view for what could come next…

 

DNSBL for WordPress 2.0.0 CHANGELOG

Release Notes – WP_DNSBL – Version 2.0.0

  • [DNSBLWP-30] – IPtype in helpers.php has no effect anywhere (and is translated into arpas instead of iptypes)
  • [DNSBLWP-33] – Do not use HTTP Post when sending DELETE (it fails)
  • [DNSBLWP-4] – API Key for handling of blacklists
  • [DNSBLWP-18] – Instead of using TorneLIB-curl, use internal WP functions where it is possible
  • [DNSBLWP-21] – Clean up database during deactivation/uninstall
  • [DNSBLWP-22] – Configuration menus
  • [DNSBLWP-25] – Reinstate the commentblock
  • [DNSBLWP-26] – Reinstate page redirection
  • [DNSBLWP-27] – Reinstate listcontrol
  • [DNSBLWP-28] – DNS Lookups in plain mode
  • [DNSBLWP-29] – Currently the lookups is based on API – make it resolver-based when single addresses are being requested
  • [DNSBLWP-31] – Remove test hosts from project
  • [DNSBLWP-32] – Use API instead of DNS when running delisting requests
  • [DNSBLWP-34] – Delist in ajax mode
  • [DNSBLWP-35] – Allow enter in search form (ajax)
  • [DNSBLWP-36] – readme.txt for 2.0

What does the moral say about cleaning up content on a browser level, when communities refuse doing it for you?

During a very long period some of us has been waiting for a web browser based plugin, that makes it possible to block/remove unwelcome text and content, on for example Facebook. In the beginning, this was all about tests, chainletters, and stuff that was only irritating, for the people reading it.

Time flies by and requests for other filtering functions have starting to pop up that, instead of stupid chainmail, is about politics that only affects the content and not the user (meaning, only the content are blocked and the friend spreading it is not blocked). Still, the content filter is quite free to control, so this is eventually not a problem as the filtering are completely controlled by the user.

However, another aspect of this flow are currently taking form: Is it morally OK to block material with a political agenda? Should you really allow this kind of propaganda be left alone in silence? Even if you and I as persons choose to remove the information from our timelines/flows, the information will still be left there for others to read (and in that form it will become unstoppable). It is with a bit of caution I touch this area, as it might be a very sensitive matter. Therefore I’m looking for questions and feedback for this case.

The plugin is still planned to be built and the work, even if it hasn’t really started yet, can hopefully close up to a start in short. So as said, some kind of feedback would be very great to get here, since things that is left alone in silence, tend to grow big. And soon, it becomes too big to gain control over again.

We’re working on it…

Currently there’s a few steps left before we can release the new portal system (as shown via the test site at https://www.tornevall.com) and the new portal configurator (Test site located at https://auth.tornevall.com). The old platform for handling DNS Blacklists became deprecated as the development of NetCURL (https://www.netcurl.org) have been highly upgraded to fit other (ecommerce) needs. The behaviour of netcurl is backward compatible, but the DNS blacklist and portal software really needed a facelift anyway.

I’ve been looking for a platform that I can handle easier than the self built, and got stuck into a million of alternatives. However, the forum platform is still there, since there are too many posts and history behind. So those parts can’t be replaced (yet). Besides, if everything goes well, there might be no need of doing so.

So what’s left before a release? Actually, TorneAPI (3.0) is ready to go live and the applications built in the API is also very dynamic. As I proceed more things will be added to it and currently, the big focus is the DNS Blacklist, FraudBL and NETFILTER.