CleanTalk Anti-Spam "check_message" API method description
This method is the best to use on forms that contain User-generated content (UGC) like a comment, review, or contact form.
- Collect web-form data.
- Send data JSON via a POST request to https://moderate.cleantalk.org/api2.0.
- Parse the response and make a decision.
Request
Data JSON Example
{
"method_name":"check_message",
"auth_key":"your_access_key",
"sender_email":"stop_email@example.com",
"sender_nickname":"John Doe",
"sender_ip":"127.0.0.1",
"event_token":"sha_256_string_of_event_token"
"submit_time":15,
"sender_info": {
"REFERRER": "https:/referrer-site.com",
"USER_AGENT": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3835.0 Safari/537.36"
},
"message": "Hello I am a spammer visit this https://badlinkexample.com"
}Data Processing
Necessary information about the data processing
| Parameter | Explanation |
| HTTP Method | POST |
| Data format | JSON |
| URL | https://moderate.cleantalk.org/api2.0 |
Required Parameters
The method will not work without these parameters
| Parameter | Explanation |
| method_name | Must be "check_message" |
| auth_key | Access Key. To obtain a key please register an account here |
Additional parameters
These parameters are necessary for filtering spam
| Parameter | Explanation |
| sender_ip | Sender's IP |
| sender_email | Sender's email |
| sender_nickname | Sender's nickname |
| event_token | You need to add a special script, https://fd.cleantalk.org/ct-bot-detector-wrapper.js, to your page layout. It will collect visitor data from your website's frontend on our server. When you send a spam check request to our server, all data collected from the frontend will be linked to the request by the value of the event_token parameter. |
| event_token_enabled | To filter spam correctly, you must set this flag to 1 if you have enabled the Bot Detector and are passing the event_token. |
| submit_time | Form submitting time in seconds. You don't need to pass this parameter if you passed the event_token_enabled flag and enabled the Bot Detector. |
| js_on | JavaScript test flag. 1 — the built‑in JavaScript successfully ran in the visitor’s browser. 0 or missing — the script didn’t run. You don't need to pass this parameter if you passed the event_token_enabled flag and enabled the Bot Detector. |
| message | The visitor's message. Will be checked for suspicious contacts, links, and many other conditions. |
| all_headers | HTTP-request headers (JSON encoded). |
| sender_info |
Information about the sender (JSON encoded). Include the next mandatory params: REFERRER: the content of USER_AGENT: the content of |
Response
Response example
The server's response is independent of the platform.
{
"version" : "7.47",
"inactive" : 0,
"js_disabled" : 0,
"blacklisted" : 1,
"comment" : "*** Forbidden. Sender blacklisted. ***",
"codes" : "DENIED BL",
"fast_submit" : 0,
"id" : "5a49267e202169b3a4d9ddefee190065",
"account_status" : 1,
"allow" : 0
}Response Explanation
| Key | Explanation |
| js_disabled | JavaScript is disabled or not (1/0) |
| blacklisted | The sender is in the CleanTalk Blacklists |
| comment | Server comment regarding the request, used to display to the user |
| codes |
Server response codes. Can be listed with spaces:
|
| fast_submit | Form submitted too often. Please note the difference from the FAST_SUBMIT code. |
| id | Request ID (helpful for our support). |
| account_status | Is the account enabled or not (1/0). |
| allow | Server decision. Request allowed (1) or not (0) |
In the server response code, you can also see the result of checking an email address for existence. If a blocked request contains a non-existent e-mail address, you will see the next text in the API response code field: "DENIED EMAIL_NOT_EXISTS"
Please note, that this code will be displayed only if a non-existent email is the main reason for blocking.
Code Examples
To integrate CleanTalk with your project, please use our official libraries.
All examples are available in GitHub repositories (see README files for usage):
- PHP: CleanTalk/php-antispam
- Python: CleanTalk/python-antispam
- Django: CleanTalk/django-antispam-no-recaptcha-captcha
- Node.js: westtrade/cleantalk
- C#: CleanTalk/csharp-antispam
Using Wget
CLI example
wget -O- --post-data='{"method_name":"check_message","auth_key":"your_acccess_key","sender_email":"stop_email@example.com","sender_nickname":"John Doe","sender_ip":"127.0.0.1","js_on":1,"submit_time":15}' https://moderate.cleantalk.org/api2.0
Using GoLang
package main
import (
"encoding/json"
"fmt"
"io"
"io/ioutil"
"net/http"
"strings"
)
var authKey string = "enter_your_key"
var configUrg string = "http://moderate.cleantalk.org/api2.0/"
var agent string = "golang-api"
type messageInputData struct {
MethodName string `json:"method_name"`
AuthKey string `json:"auth_key"`
Agent string `json:"agent"`
SenderEmail string `json:"sender_email"`
SenderIp string `json:"sender_ip"`
SenderNickname string `json:"sender_nickname"`
JsOn uint `json:"js_on"`
SubmitTime uint `json:"submit_time"`
AllHeaders string `json:"all_headers"`
Message string `json:"message"`
SenderInfo string `json:"sender_info"`
ResponseLang string `json:"response_lang"`
PostInfo string `json:"post_info"`
StoplistCheck uint `json:"stoplist_check"`
}
type MessageResultData struct {
Version string `json:"version"`
Inactive uint `json:"inactive"`
JsDisabled uint `json:"js_disabled"`
Blacklisted string `json:"blacklisted"`
Comment string `json:"comment"`
Codes string `json:"codes"`
FastSubmit uint `json:"fast_submit"`
Id string `json:"id"`
AccountStatus uint `json:"account_status"`
Allow uint `json:"allow"`
StopQueue uint `json:"stop_queue"`
Spam uint `json:"spam"`
}
func main() {
inputData := messageInputData{
MethodName: "check_message",
AuthKey: authKey,
Agent: agent,
SenderEmail: "stop_email@example.com",
SenderIp: "192.168.0.1",
SenderNickname: "testuser",
JsOn: 1,
SubmitTime: 5,
Message: "Test message",
}
resultData, err := CheckMessage(inputData)
if err != nil {
fmt.Println(err.Error())
return
}
if resultData.Allow == 1 {
fmt.Println(fmt.Sprintf("User allowed. Reason %s", resultData.Comment))
return
}
fmt.Println(fmt.Sprintf("User forbidden. Reason %s", resultData.Comment))
}
func CheckMessage(inputData messageInputData) (MessageResultData, error) {
inputDataBytes, err := json.Marshal(inputData)
var resultData MessageResultData
if err != nil {
return resultData, err
}
var body io.Reader = strings.NewReader(string(inputDataBytes))
req, err := http.NewRequest(http.MethodPost, configUrg, body)
if err != nil {
return resultData, err
}
req.Header.Set("Content-Type", "application/json")
client := &http.Client{}
resp, err := client.Do(req)
if err != nil {
return resultData, err
}
defer resp.Body.Close()
answer, err := ioutil.ReadAll(resp.Body)
if err != nil {
return resultData, err
}
err = json.Unmarshal(answer, &resultData)
return resultData, nil
}Related Links
Available features related to the method:
- CleanTalk's Personal Blacklist or Whitelist feature helps you to block unwanted users and to allow users that were recognized as spammers.
- The Stop-Word feature allows you to block comments and nicknames that contain any word from your Stop-Word List.
- Country Blacklist allows you to block all comments and registration coming from selected countries.
Stop-Word and Country Blacklist features are available after purchasing our Extra Package. Go to your Renewal License Page to see the details.
It would also be interesting
- CleanTalk API methods. Anti-Spam, Block Lists, Dashboard (Outdated)CleanTalk APIs This guide is outdated! Please use this instead https://cleantalk.org/help/api-main CleanTalk...
- Anti-Spam API methodsCleanTalk API methods This article describes public API methods by CleanTalk for spam and bot checking,...
- CleanTalk API — Drop-in Spam Protection for Developers(function(){ var els=[].slice.call(document.querySelectorAll('.fx')); if(!('IntersectionObserver'...
Copied to clipboard