A simple anti-spam system for [question2answer](https://www.question2answer.org/qa/), using [the stopforumspam API](https://www.stopforumspam.com/usage) and system firewall ([pf](https://www.openbsd.org/faq/pf/filter.html) or [ufw](https://launchpad.net/ufw)). To deploy: 1. Modify the configuration variables in the scripts as needed. 2. Copy the scripts to `/usr/local/bin` (requires root): install -m 755 -o root -g bin forumspam.sh /usr/local/bin/forumspam.sh install -m 755 -o root -g bin q2a_usercheck.sh /usr/local/bin/q2a_usercheck.sh install -m 640 -o _forumspam /dev/null /var/log/forumspam.log 3. Create the user the scripts will run as: useradd -s $(which nologin) _forumspam 4. Set up the firewall program If using `ufw`, install it: apt update apt install ufw If using `pf`: Create appropriate permissions for the file: install -m 640 -o _forumspam -g wheel /dev/null /etc/pf-forumspam.txt Add the following to `/etc/pf.conf`, preferably high up in the ruleset: table persist file "/etc/pf-forumspam.txt" block in quick on egress from block out quick on egress to 5. Give the `_forumspam` user restrictive sudo or doas permissions: If using doas, add the following to `/etc/doas.conf`: permit nopass _forumspam cmd pfctl args -nf /etc/pf.conf permit nopass _forumspam cmd pfctl args -t forumspam -T replace -f /etc/pf-forumspam.txt If using sudo, add to your sudo config file: _forumspam ALL = NOPASSWD: /usr/sbin/ufw Note: the path to `ufw` may be different depending on your linux distribution. 6. Register the systemd unit or rc script. systemd: sudo cp forumspam.service /etc/systemd/system/ sudo systemctl enable forumspam sudo systemctl start forumspam TODO: * also check against [botscout](http://botscout.com/api.htm) * give the scripts more sensible names * also create an rc script * support `iptables` * create a Makefile * merge the two scripts into one