KireiFilter
Launching soon
Spam Detection API · EU-hosted · GDPR-compliant

Stop spam before it
reaches your database.

KireiFilter is a server-side API that scores incoming content — comments, contact form submissions, registrations, email — and tells you whether it's spam. No CAPTCHA. No friction for real users.

spam score

0.0 — clean 0.5 — review 1.0 — spam

How it works

One API call.
A confidence score back.

Send the content, IP address, and optional metadata to POST /api/v1/spam-check. KireiFilter runs it through multiple detection layers and returns a score between 0.0 and 1.0, a verdict, and which signals fired.

You decide what to do with the score — auto-reject, queue for review, or let it through. The logic stays in your code; we just provide the signal.

response 
{
  "verdict": "clean",
  "score":   0.12,
  "signals": [
    { "layer": "heuristic", "score": 0.12 }
  ],
  "checked_at": "2025-03-18T09:14:22Z"
}

Features

Everything you need to fight spam.

IP & Domain Denylist

Known bad IPs and domains are hard-blocked immediately. Configurable per account — add your own blocklist entries.

Heuristic Analysis

Pattern-based scoring detects common spam signals: keyword density, link counts, excessive caps, suspicious phrases, and more.

RBL Checks

Real-time blocklist lookups against public RBL providers to identify IPs with a history of sending spam or abusive traffic.

Entropy Scoring

Measures character-level randomness to catch machine-generated gibberish, keyword stuffing, and auto-spun content.

Content Fingerprinting

Identifies repeated spam campaigns by hashing and comparing content. The same template sent by different bots gets caught the second time.

Email Alias Abuse Detection

Detects disposable addresses, normalized duplicates, and email-as-password patterns that signal throwaway accounts and fake registrations.

Use cases

Works anywhere users submit content.

💬

Blog comments & reviews

Score every submission before it hits your database. Auto-approve clean content, hold grey-area posts, reject obvious spam.

📬

Contact forms

Block bot floods without CAPTCHA. Legitimate users see nothing different — spam never reaches your inbox.

🔐

User registrations

Catch fake signups, disposable emails, and bot accounts at the point of registration before they pollute your user base.

📧

Inbound email pipelines

Classify raw email content, headers, and sender data before processing. Useful for support inboxes, ticketing systems, and forwarding pipelines.

Detection pipeline

Layered, not a black box.

Each request passes through independent detection layers. Scores are accumulated, high-confidence matches short-circuit the chain. You get the final score and every signal that fired.

1
Denylist Hard block — score 1.0, exits immediately
priority 100
2
RBL Realtime blocklist lookup on IP
priority 80
3
Heuristic Keywords, patterns, link density
priority 50
4
Entropy Character randomness & gibberish detection
priority 30
5
Content fingerprint Repeated campaign detection
priority 20

Principles

Built with a few hard rules.

No CAPTCHA, ever

Spam filtering happens on your server. Real users never solve a puzzle, click a checkbox, or prove they're human.

EU-hosted & GDPR-compliant

Data stays in Europe. No third-party trackers, no cross-account data sharing, no surprises at audit time.

You own the decision

We return a score and signals. What you do — reject, queue, approve — stays in your code. No magic auto-blocking outside your control.