From: Jordan Gordeev <[EMAIL PROTECTED]>
To: freebsd-questions@freebsd.org
Subject: Re: Shell question
Date: Thu, 26 Oct 2006 20:05:50 +0300
Jack Stone wrote:
From: Warren Block <[EMAIL PROTECTED]>
To: Jack Stone <[EMAIL PROTECTED]>
CC: freebsd-questions@freebsd.org
Subject: Re: Shell question
Date: Wed, 25 Oct 2006 21:35:55 -0600 (MDT)
On Wed, 25 Oct 2006, Jack Stone wrote:
Folks:
I have managed to piece together a shell script that is able to retrieve
the domains from the spams of the day and summarize those in a special
file that can then be added to sendmail's rejects in the access.db.
But, first I have to eyeball the list and remove any obvious good-guy
domains.
I would like to create another list of those same good guys that can be
added to each day as they show up, then compare it to the above main
list and delete the good guy domains before adding to the access.db.
Greylisting will be much more effective than this approach, and is easier
to implement. Combine that with sbl-xbl and maybe a few other DNSBLs,
add greet_pause of five or ten seconds, and you have much more
effectiveness with fewer false positives and much less maintenance. Adding
clamav rounds out the whole thing. I wrote an article that covers some
of this:
http://www.wonkity.com/~wblock/greylist.pdf
-Warren Block * Rapid City, South Dakota USA
This shell script is just icing on the cake -- in addition to the DNSBLs,
I have had all of those other filters running for years plus milter-regex
in the front line, then greylist, then clamav, SA.
It's the SA (SpamAssassin) that provides me the list of bad-guy domains.
It's a very short list so I can always still eyeball it and remove any
obvious good ones. It's just sometimes I have made a mistake and let in a
good guy, say, like one of my own domains. If I had a "good-guy list" to
watch over my shoulder and check the bad-guy list before adding to the
access-reject, then those would never happen again. Those bad guys are
pretty obvious by their names.
Even if the domains are "throw-aways", I can stop a few more this way
although I have to purge the sendmail access DB every so often. My users
might get 1 or 2 spams a month with my line of defenses. Takes a lot of my
time, but worth the results. This shell would be a big help though.
Would appreciate any more tips on how to have my daily bad-guy list
checked against the good-guy list. Both are flat files with the domains
listed in a single column.
Thanks guys!
Jack
See comm(1).
Yep, that's it....!!
Thanks,
Jack
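
The comm(1) suggestion above, worked through as an added example that is not part of the original thread: it normalizes both flat files and prints the bad-guy domains that do not appear on the good-guy list. The function names, file names and sample domains are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). All file contents are constructed.

# normalize FILE: one lowercase domain per line, without CRs, blanks or
# "#" comments, sorted uniquely in the C locale. comm(1) needs both inputs
# sorted in the same collation order, otherwise it silently misses matches.
normalize() {
    tr -d '\r' < "$1" | tr '[:upper:]' '[:lower:]' |
        sed -e 's/#.*//' -e 's/[[:space:]]//g' -e '/^$/d' |
        LC_ALL=C sort -u
}

# compare_lists FLAGS BADLIST GOODLIST: run comm with FLAGS on the
# normalized copies of both lists (runs in a subshell, cleans up after).
compare_lists() (
    tmp=$(mktemp -d) || exit 1
    normalize "$2" > "$tmp/bad" && normalize "$3" > "$tmp/good" &&
        LC_ALL=C comm "$1" "$tmp/bad" "$tmp/good"
    rc=$?
    rm -rf "$tmp"
    exit $rc
)

# Domains safe to reject: in the bad-guy list but not in the good-guy list.
filter_badguys() { compare_lists -23 "$1" "$2"; }

# Domains the good-guy list saved: present in both lists.
allowlist_hits() { compare_lists -12 "$1" "$2"; }

# Stand-alone run on constructed sample data: mixed case, a trailing
# space, a duplicate, CRLF line endings and a comment line.
demo() (
    d=$(mktemp -d) || exit 1
    printf '%s\n' 'cheap-pills.example' 'MyOwnDomain.example ' \
        'zz-lottery.example' 'cheap-pills.example' > "$d/badguys.txt"
    printf '%s\r\n' '# our own domains' 'myowndomain.example' \
        'partner.example' > "$d/goodguys.txt"
    echo "reject:"
    filter_badguys "$d/badguys.txt" "$d/goodguys.txt"
    echo "kept out of access.db:"
    allowlist_hits "$d/badguys.txt" "$d/goodguys.txt"
    rm -rf "$d"
)
demo
```

Only the output of filter_badguys should go on to the access map; allowlist_hits shows which entries the good-guy list caught that day.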