Add some more spam detection

pasterack.rkt

@@ -2,7 +2,8 @@
 
 (require web-server/servlet web-server/dispatch
          web-server/http/request-structs)
-(require xml xml/path net/url net/uri-codec json "recaptcha.rkt")
+(require xml xml/path net/url net/uri-codec json "recaptcha.rkt"
+         "spam.rkt")
 (require racket/system racket/runtime-path)
 (require redis data/ring-buffer)
 (require "pasterack-utils.rkt" "pasterack-parsing-utils.rkt"
@@ -441,7 +442,9 @@
       #:headers '("Content-Type: application/x-www-form-urlencoded")))
   (define as-text? (hash-ref (read-json captcha-success-in) 'success #f))
   ;; very basic spam filter TODO: move check to client-side?
-  (if (and (not as-text?) ; probably spam
+  (if (and ;; probably spam
+           (or (not as-text?)
+               (check-ip (request-client-ip request)))
            (not (has-hashlang? paste-content)))
       (serve-home request 
                   #:title name

spam.rkt

@@ -0,0 +1,30 @@
+#lang racket/base
+
+;; Rudimentary spam detection
+
+(require racket/contract
+         racket/port
+         memoize
+         net/http-client
+         xml
+         xml/path)
+
+(provide (contract-out [check-ip (-> string? any)]))
+
+(define blacklist-host "api.stopforumspam.org")
+
+;; Returns #f if the lookup failed, if the response is malformed, or
+;; if the IP doesn't appear. Return #t if the IP does appear.
+;;
+;; The result is memoized to avoid querying the server too often.
+(define/memo (check-ip ip)
+  (define-values (status headers contents)
+    (http-sendrecv blacklist-host
+                   (format "/api?ip=~a" ip)))
+  (cond ;; only accept 200 OK
+        [(regexp-match #"200 OK" status)
+         (define response
+           (string->xexpr (port->string contents)))
+         (and response
+              (equal? "yes" (se-path* '(response appears) response)))]
+        [else #f]))