Update: While we encourage people to write code using the PhishTank API, this specific offer is no longer valid.

We’re looking for someone to write some sample (but working) code to help test an anti-phishing database API we’ve developed and are about to release for public use (for free!). We are busy working on a ton of projects right now and rather than divert our attention to writing plugins and extensions for apps we aren’t familiar with we figured we could pay one or two of you to do it for us instead. The code will be licensed under an open-source approved license, probably the Mozilla license, or something even more open. We basically just want our API to have some example implementations when we launch it next week.

Here’s the problem: time is of the essence! We want to have something ready to go public October 2nd, which means we really want to see a test version by Friday, September 29th. This will give us enough time to work out any bugs (in your code or our API) by the morning of Monday, October 2nd. That’s only a week from today (yikes!).

I want to offer some good incentives for you, especially since time is short. Feel free to pick some or all of the following:

  • $300 for a Thunderbird extension which scans an email for URLs and checks them against our API and optionally submits suspected URLs from phishing emails into our API.
  • $100 for a SpamAssassin plugin which just scans an email for URLs and checks them against our API
  • $100 for another equally as cool open source project like Squid Cache, per our approval via email.
  • A free lunch w/ our CEO at a good restaurant if you’re willing to come into San Francisco to have it. Our CEO (me) has good taste and gets to decide what a ‘good restaurant’ is, but it’ll be good.
  • A blog post saying how much you rock.
  • If you really are good, we are hiring and this is a fast-track way to get through the interview process.

Since you will be one of the first to use our API it might require some back and forth with us as we tune our API. It would help if you used Yahoo IM or AIM and spoke English. Other than that, we are pretty flexible about who you are. We posted a listing at RentACoder for a Thunderbird hacker but haven’t had any bites yet which is why we’re posting here. Unless you hear from us directly (John Roberts or myself) that you are hired, we make no guarantees.

You can post general questions here on the blog but specific questions should be sent to us via email (firstname at opendns dot com will get to John or myself).

  • Interesting, I’ve forwarded the link to some more capable friends.

  • Pingback: clock — watching time, the only true currency » » Looking for someone to play with a REST API()

  • Greetings,

    > SpamAssassin plugin which just scans an email for URLs and checks them against our API

    Depending on your API you could build it around the Mail::SpamAssassin::Plugin::URIDNSBL plugin.


    The system is already designed to scan the body of a message and check those links against a DNSBL.

    -Mat Sumpter

  • That’s a pretty good idea, Mat. Thanks for the tip!

    Right now our API is REST-based although it could be adapted into a URIBL without too much trouble. I’ve always had a passive view of the idea of URIBL’s (not standard DNSBLs) but I suppose I need to investigate a bit more… 🙂

  • hi David —

    looking into PhishTank, I think a URIBL is the way to go. if you send me a mail, I can provide more details — it’s basically just a matter of serving a (frequently-rebuilt) zone.

  • Are there any news about this extension?

  • MASA


    Firefox, flock, mozilla suite, and seamonkey all have PhishTank SiteChecker:


    Click the install tab. It also has scripts for IE (with certain addons) and opera users too.

  • moltar

    Did you guys have any updates on this? Do you still need help with SpamAssassin? Contact me if so.