> > Assuming that that is OpenBSD spamd then I may be able to help you > with your dnsbl desire. > > I have a python script that runs every 15 mins (inside the spamd > whitelist time) that checks for new entries, looks them up against a > dnsbl and blacklists if appropriate. Note that this code would be > provided "as is" & whilst it works for me I make no guarantees as to > anything. It probably isn't suitable for anything vaguely high > volume. > > A better hack than what I'm doing currently would be to abuse the > spamd sync feature which provides a much more timely notification of > activity, but I haven't found the round tuits to do it and am unlikely > to do so. > > Regards > > JC
Hi John, I’d be interested in looking at your Python script. I’ve also had a look at other solutions, and there does actually exist one which might be quite elegant, and which is using PF’s divert(4) functionality. The project is called pf-diverters and their repository is available here: https://github.com/echothrust/pf-diverters The developers are saying this is experimental, and from what I can see, the last release was for OpenBSD 5.7, but I’m going to have a look at it anyways. One of the daemons they have is specifically dnsbl related and can have wider usage than just spam filtering - it’s possible to use it with any other public facing service. One use case I’ve seen is in front of public facing SSH server using the CBL maintained by SpamHaus - this list apparently includes IPs used as sources in multiple types of attacks. Again - I’m not sure how useful or stable their solution is, but it’s something I’d be willing to test. Best Regards, mike -- Michal Krzysztofowicz http://antarcti.co/ | http://beautifulocean.org/ -- You received this mail because you are subscribed to misc@opensmtpd.org To unsubscribe, send a mail to: misc+unsubscr...@opensmtpd.org