Security

Add the X-Originating-IP header to all outgoing emails to assist with investigation of the sources for spam and unsolicited bulk email.

A standard Drupal install sends email as if it was originating from the web server when in fact, the email originated with a person's web browser. Use this module to include information in the outgoing email header about the IP address of the person who submitted a request to a Drupal website.

Without this module, Drupal effectively becomes an anonymizing service because the standard email headers will have the email origin listed as the web server IP address instead of the user elsewhere on the Internet. By using the information from X-Originating-IP, you can track down individuals who send undesirable communications through contact or webforms.

X-Originating-IP: [xxx.xxx.xxx.xxx]

The originating IP is based on the ip_address() Drupal API function.

If Drupal is behind a reverse proxy, we use the X-Forwarded-For header instead of $_SERVER['REMOTE_ADDR'], which would be the IP address of the proxy server, and not the client's. The actual header name can be configured by the reverse_proxy_header variable.

My main motivation to write this module was having thousands of comments and nodes published after a week off.

With phonewithcomputer.com service, we use phone for CAPTCHA service.

Prevent spam before it happens.

This module is currently able to enqueue IP addresses of your visitors. It automatically sends them, 15 at a time, as specified by the documentation of the API it uses, to the webservice of http://www.stopforumspam.com/ in cron.

The result it gets is then evaluated using configurable settings, such as frequency (amount of times a 'hit' is made) and confidence (how confident the webservice is this is a spammer). Whether it is a spammer or hammer, the result is stored/cached for a configurable amount of time in the database.

The IP addresses get automatically added to the blocklist if safe mode is disabled and they get auto-removed when the status has expired.

Planned features for now:

• Report spammers to the webservice
• From experience, the hook_cron is too slow
  • Implement own cron, e.g. run every 5 minutes, configurable
  • Send specifiable amount of requests per cron run

If you wish to become a co-maintainer please contact me using the form provided by drupal.org.

Configs:

• Safe mode - disable autoblocking/autounblocking
• n% chance to be enqueued
• Minimum frequency
• Minimum confidence

This is experimental code for a 7.x version of the https://drupal.org/project/openpgp module. I hope this sandbox will be somewhat short-lived as I would much rather see this rolled into the main module.

The code is mostly untested, and I can personally only take credit for a few tweaks. This 7.x port is based on the code that Jeriatrix posted to github and announced here: https://drupal.org/node/1155042#comment-6583806

In addition to the work that was done before I found it, I've made modifications to fix one of the admin pages (see #1967426: Configuration Error) cleaned up some queries to be compatible with Drupal 7, and added support for signing outgoing mail with PGP signatures if encryption is used (see #682452: Support for PGP signatures).

Ideas for future modifications:

• #2088941: Support PGP signatures for non-encrypted outgoing emails
• Reliance on the PHP GPG library rather than the command-line version
• Support for decryption (for use with Mailhandler module, perhaps?) Also see: #1118278: add decryption support

Townsend Security's Alliance Key Manager reached end-of-life on November 30, 2023, so this module is now deprecated and no longer supported.