Ask HN: Best API to check for scam/phishing/spam domains?

1 pointsDaktest2y ago2 comments

I'm building an app where the user has to input a domain as part of one of our user flows. For safety/security reasons, I want to integrate with an API that can check if the domain that the user has input is scammy, spammy, or contains other malicious content. I was looking into Scamadviser (https://www.scamadviser.com/scamadviser-api), but does anyone have recommendations for any other potential APIs or tools?

2 comments

verdverm2y ago

The ad blockers also typically block these things. There are big lists that back them, typically open sources on GitHub.

You could check against the lists by wrapping in a simple API. You'll also be able to choose which lists and make exceptions or edits, as well as keeping them up to date

sargstuff2y ago

Api for domain policy enforcement/filtering typically handled by server/gateway service handling dns requests. (per nat'ing, local/non-local addressing, subneting, virtual addressing, etc).

aka app uses dns service. Typically, the gatway/server of dns service does appropriate checks per system/network administration setups/policies. Aforementioned dns service returns a 'failure to resolve' if domain/address doesn't meet 'valid/appropriate' policy/rules.

An application on a properly configured network / box should only have to verify an address/domain exists/reachable via dns lookup[1].

An application / non-server box / non-gateway box attempting to do this via other methods may be taken to be malicious / violate network policy of domain box running app is on.

From system/network administrator view, end user box suddenly starts using information related to malicious sites. aka system/network administrator sees 'information related to malicious sites' and not 'this a query to see if this information is related to a malicious site'.

Failtoban[2] / unbound[3] / dnsmasq[4] or BIND[5] are some programs run as system service which make use of dns queries to let an app know if domain is a 'do not use'.

-------

[1] : a) https://stackoverflow.com/questions/41060027/how-to-use-nslo...

      b) https://community.jisc.ac.uk/library/janet-services-documentation/how-block-or-sinkhole-domains-bind

[2] : fail2ban blacklisting : https://en.wikipedia.org/wiki/Fail2ban

[3] : unbound blacklisting : https://www.howtoforge.com/how-to-set-up-local-dns-with-unbo...

[4] : dnsmasq blacklisting : https://alblue.bandlem.com/2020/05/using-dnsmasq.html

[5] : BIND blacklisting : https://community.jisc.ac.uk/library/janet-services-document...

j / k navigate · click thread line to collapse