Hi Linto,
the per-domain basis you can create by using the config-dir option,
wich is well documented in the documentation:
http://www.spamdyke.org/documentation/README.html#CONFIGURATION_DIR
Nearly any combination of sender and recipient can be configured
with this option. This way i configure black- and whitelists for
my customers.
My structure looks like the following.
In /etc/spamdyke.conf i set:
config-dir=/var/qmail/spamdyke/domain_setups
The directories contain:
domain_setups/
`-- _recipient_
|-- tld
| `-- firstdomain (file)
`-- tld2
`-- seconddomain (file)
domain_configs/
|-- firstdomain.tld
| |-- customer_blacklist_ip
| |-- customer_blacklist_rdns
| |-- customer_whitelist_ip
| `-- customer_whitelist_rdns
`-- seconddomain.tld2
|-- customer_blacklist_ip
|-- customer_blacklist_rdns
|-- customer_whitelist_ip
`-- customer_whitelist_rdns
In the file "firstdomain" you can setup the configuration
for the domain and also the IP_IN_RDNS_KEYWORDS of course.
In my case these are:
ip-blacklist-file=/var/qmail/spamdyke/domain_configs/firstdomain.tld/customer_blacklist_ip
rdns-blacklist-file=/var/qmail/spamdyke/domain_configs/firstdomain.tld/customer_blacklist_rdns
ip-whitelist-file=/var/qmail/spamdyke/domain_configs/firstdomain.tld/customer_whitelist_ip
rdns-whitelist-file=/var/qmail/spamdyke/domain_configs/firstdomain.tld/customer_whitelist_rdns
sender-blacklist-file=/var/qmail/spamdyke/domain_configs/firstdomain.tld/customer_blacklist_sender
I hope this helps! ;)
David
Linto Paul schrieb:
Greetings,
Could please let me know if there is a way to whitelist a domain on
the IP_IN_RDNS_KEYWORDS on a per domain basis.
Say we get user complaining about a domain called example.com
<http://example.com>, and they say, I am the owner of example.com
<http://example.com> and want this feature not used onto our domain
even though you host it for us.
~~~~~~~~~~~~~~~
Oct 21 11:46:44 mail01 spamdyke[24348]: DENIED_IP_IN_RDNS from:
[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> to:
[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> origin_ip: 66.49.15.190
<http://66.49.15.190> origin_rdns: 66.49.15.190.nw.nuvox.net
<http://66.49.15.190.nw.nuvox.net> auth: (unknown)
~~~~~~~~~~~~~~~~~~~~
We have the RDNS blocked in our server via keyword:-
.nuvox.net <http://nuvox.net>
Is it possible to just put a whitelist for example.com
<http://example.com> and deny all others matching this keyword.
Thanks,
Linto Paul
On Thu, Oct 16, 2008 at 10:30 PM, <[EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]>> wrote:
Send spamdyke-users mailing list submissions to
spamdyke-users@spamdyke.org
<mailto:spamdyke-users@spamdyke.org>
To subscribe or unsubscribe via the World Wide Web, visit
http://www.spamdyke.org/mailman/listinfo/spamdyke-users
or, via email, send a message with subject or body 'help' to
[EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]>
You can reach the person managing the list at
[EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]>
When replying, please edit your Subject line so it is more specific
than "Re: Contents of spamdyke-users digest..."
Today's Topics:
1. Regular-Expression Support (Felix Buenemann)
2. Re: spamdyke +ip-in-rdns-keyword-blacklist-entry option
(Arthur Girardi)
3. Re: spamdyke +ip-in-rdns-keyword-blacklist-entry option
(Felix Buenemann)
4. Re: spamdyke +ip-in-rdns-keyword-blacklist-entryoption
(Tim Mancour)
----------------------------------------------------------------------
Message: 1
Date: Thu, 16 Oct 2008 17:07:56 +0200
From: Felix Buenemann <[EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]>>
Subject: [spamdyke-users] Regular-Expression Support
To: spamdyke-users@spamdyke.org <mailto:spamdyke-users@spamdyke.org>
Message-ID: <[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>>
Content-Type: text/plain; charset=ISO-8859-15
Hi Sam,
I wonder wether there is a specific reason not to use regular
expressions via the PCRE lib to match patterns in blacklist files etc.
Has this been avoided for performance reasons?
-- Felix Buenemann
------------------------------
Message: 2
Date: Thu, 16 Oct 2008 12:12:58 -0300
From: Arthur Girardi <[EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]>>
Subject: Re: [spamdyke-users] spamdyke
+ip-in-rdns-keyword-blacklist-entry option
To: spamdyke-users@spamdyke.org <mailto:spamdyke-users@spamdyke.org>
Message-ID: <[EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]>>
Content-Type: text/plain; charset=ISO-8859-1; DelSp="Yes";
format="flowed"
For me it looks as if the message is being blocked because it contains
the country code and ip in the rdns and his setup has
reject-ip-in-cc-rdns enabled.
In the FAQ it says it will check reject-ip-in-cc-rdns before looking
at the rdns whitelist. I'm not sure if reject-ip-in-cc-rdns would
reject on spot even if it would match in the next filter (rdns
whitelist).
Arthur
Citando Sam Clippinger <[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>>:
> It looks like you're trying to use keywords in your rDNS
whitelist file;
> those files don't work that way. In an rDNS whitelist file, you can
> either give complete rDNS names or you can give partial names
(starting
> with a dot) that will match the end of an rDNS name. For example:
> fully.qualified.domain.name.example.com
<http://fully.qualified.domain.name.example.com>
> Will match only one rDNS name (i.e. the entire name
> "fully.qualified.domain.name.example.com
<http://fully.qualified.domain.name.example.com>").
>
> To match all names within a domain (or subdomain):
> .name.example.com <http://name.example.com>
> Will match rDNS names that end with ".name.example.com
<http://name.example.com>" (e.g.
> "fully.qualified.domain.name.example.com
<http://fully.qualified.domain.name.example.com>",
> "silly.domain.name.example.com
<http://silly.domain.name.example.com>" or "short.name.example.com
<http://short.name.example.com>").
>
> This file format is documented here:
> http://www.spamdyke.org/documentation/README_rdns_file_format.html
>
> -- Sam Clippinger
>
> [EMAIL PROTECTED] wrote:
>> Hi list!
>> I run spamdyke 4.0.5 on Debian.
>>
>> I have this in my whitelist_rdns:
>> .static.
>> static.
>> .dedicated.
>> dedicated.
>>
>> But spamdyke reject emails:
>> 10/16/2008 15:03:52 LOG OUTPUT
>> DENIED_IP_IN_CC_RDNS from: [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>
to:
[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> origin_ip:
>> xxx.xxx.xxx.xxx origin_rdns: port-xxx-xxx-xxx-xxx.static.qsc.de
<http://port-xxx-xxx-xxx-xxx.static.qsc.de> auth:
>> (unknown)
>>
>> 10/16/2008 15:03:52 FROM REMOTE TO CHILD: 6 bytes
>> DATA
>>
>> 10/16/2008 15:03:52 FROM SPAMDYKE TO REMOTE: 82 bytes
>> 554 Refused. Your reverse DNS entry contains your IP address and a
>> country code.
>>
>> 10/16/2008 15:03:52 FROM REMOTE TO CHILD: 6 bytes
>> RSET
>>
>> 10/16/2008 15:03:52 FROM SPAMDYKE TO REMOTE: 82 bytes
>> 554 Refused. Your reverse DNS entry contains your IP address and a
>> country code.
>>
>> 10/16/2008 15:03:52 FROM REMOTE TO CHILD: 6 bytes
>> QUIT
>>
>> 10/16/2008 15:03:52 FROM SPAMDYKE TO REMOTE: 82 bytes
>> 221 Refused. Your reverse DNS entry contains your IP address and a
>> country code.
>>
>> 10/16/2008 15:03:52 CLOSED
>>
>> Should
>> .static.
>> not match
>> port-xxx-xxx-xxx-xxx.static.qsc.de
<http://port-xxx-xxx-xxx-xxx.static.qsc.de>
>> normally?
>>
>> Is this the same issue what Erald report or a new problem or
did I think
>> in s.th <http://s.th>. wrong?
>>
>> Gruss,
>> Peter
>>
> _______________________________________________
> spamdyke-users mailing list
> spamdyke-users@spamdyke.org <mailto:spamdyke-users@spamdyke.org>
> http://www.spamdyke.org/mailman/listinfo/spamdyke-users
>
------------------------------
Message: 3
Date: Thu, 16 Oct 2008 17:23:24 +0200
From: Felix Buenemann <[EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]>>
Subject: Re: [spamdyke-users] spamdyke
+ip-in-rdns-keyword-blacklist-entry option
To: spamdyke-users@spamdyke.org <mailto:spamdyke-users@spamdyke.org>
Message-ID: <[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>>
Content-Type: text/plain; charset=ISO-8859-1
Am 15.10.2008 15:20 Uhr, Tim Mancour schrieb:
> Sam,
>
> There is a set of POSIX compatible regular expression functions
available in
> "C". The functions regcomp() and regexec() are both used by
qmail to provide
> regexp testing for the control/badxxxxx files.
I jusrt wrote a similar mail, as I was wondering why NOT to use
regexes
in spamdyke, my only idea was that it could hurt performance.
There is the PCRE library which enable parsing of perl compatible
regular expressions, which have IMHO the cleanest and most widely used
regex syntax. It's also very easy to test those regexes using perl.
>
> Regards,
> Tim
-- Felix
> -----Original Message-----
> From: [EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]>
> [mailto:[EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]>] On Behalf Of Sam
Clippinger
> Sent: Wednesday, October 15, 2008 12:57 AM
> To: spamdyke users
> Subject: Re: [spamdyke-users] spamdyke
+ip-in-rdns-keyword-blacklist-entry
> option
>
> The kind of wildcards you're asking for (especially "*.*") would
not be easy
> to implement. However, the code that requires a keyword to be
surrounded by
> non-alphanumeric characters could be easily removed if you want
to test the
> results. In filter.c, just remove the if() block from lines 697
to 706 (in
> version 4.0.5). Rerun "make" and install the new binary. My
instinct says
> you won't like the new behavior but I could easily be wrong.
>
> In the long run, the best solution is probably to add support
for regular
> expressions. They're much more flexible and powerful and the
documentation
> would be much simpler as well, since many tutorials already
exist for
> regexps. Several people have asked for regular expression
support and it's
> on my list (though it's not high priority at the moment).
>
> -- Sam Clippinger
>
> Youri V. Kravatsky wrote:
>> Hello Sam,
>>
>>
>>> BTW, spamdyke won't find a keyword like "dyn" in the middle of
other
>>> text like "dynamic". In order to match, a keyword must (1) be
at the
>>> beginning of the name, (2) be surrounded with non-alphanumeric
>>> characters (i.e. dots or dashes) AND include the rDNS name's
TLD (e.g.
>>> "example" would not be found in "11.22.33.44.example.com
<http://11.22.33.44.example.com>") or (3) the
>>> keyword must begin with a dot AND match the entire end of the rDNS
>>> name (e.g. ".example.com <http://example.com>" would match
"11.22.33.44.example.com <http://11.22.33.44.example.com>").
>>> This logic exists to prevent a keyword like "dynamic" from
matching
>>> "11.22.33.44.notdynamic.example.com
<http://11.22.33.44.notdynamic.example.com>".
>>>
>> Well, it is not good really, I know that correctly work on
wildcards
>> is not easy work in C, unlike, perl, but it would be very good
to use
>> file like
>> .*dynamic.*
>> .dynamic*.*
>
>> .broadband*.*
>
>> .*broadband.*
>
>> .*cable.*
>
>> .cable*.*
>
>> .*pppoe.*
>
>> .pppoe*.*
>> Or else we will read log for a full days to find out all
possible
>> home-dynamic-cable-broadband providers all over the world...
>>
------------------------------
Message: 4
Date: Thu, 16 Oct 2008 12:04:24 -0400
From: "Tim Mancour" <[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>>
Subject: Re: [spamdyke-users] spamdyke
+ip-in-rdns-keyword-blacklist-entryoption
To: "'spamdyke users'" <spamdyke-users@spamdyke.org
<mailto:spamdyke-users@spamdyke.org>>
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset="us-ascii"
I added a rdns regexp matching to my qmailtoaster a few years ago
and I have
not noticed any performance issues. You do, however, have to make
sure that
you keep the number of expressions do to a minimum set (my list of
expressions is currently around 50 lines long).
-----Original Message-----
From: [EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]>
[mailto:[EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]>] On Behalf Of Felix
Buenemann
Sent: Thursday, October 16, 2008 11:23 AM
To: spamdyke-users@spamdyke.org <mailto:spamdyke-users@spamdyke.org>
Subject: Re: [spamdyke-users] spamdyke
+ip-in-rdns-keyword-blacklist-entryoption
Am 15.10.2008 15:20 Uhr, Tim Mancour schrieb:
> Sam,
>
> There is a set of POSIX compatible regular expression functions
> available in "C". The functions regcomp() and regexec() are both
used
> by qmail to provide regexp testing for the control/badxxxxx files.
I jusrt wrote a similar mail, as I was wondering why NOT to use
regexes in
spamdyke, my only idea was that it could hurt performance.
There is the PCRE library which enable parsing of perl compatible
regular
expressions, which have IMHO the cleanest and most widely used
regex syntax.
It's also very easy to test those regexes using perl.
>
> Regards,
> Tim
-- Felix
> -----Original Message-----
> From: [EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]>
> [mailto:[EMAIL PROTECTED]
<mailto:[EMAIL PROTECTED]>] On Behalf Of Sam
> Clippinger
> Sent: Wednesday, October 15, 2008 12:57 AM
> To: spamdyke users
> Subject: Re: [spamdyke-users] spamdyke
> +ip-in-rdns-keyword-blacklist-entry
> option
>
> The kind of wildcards you're asking for (especially "*.*") would not
> be easy to implement. However, the code that requires a keyword
to be
> surrounded by non-alphanumeric characters could be easily removed if
> you want to test the results. In filter.c, just remove the if()
block
> from lines 697 to 706 (in version 4.0.5). Rerun "make" and install
> the new binary. My instinct says you won't like the new
behavior but I
could easily be wrong.
>
> In the long run, the best solution is probably to add support for
> regular expressions. They're much more flexible and powerful
and the
> documentation would be much simpler as well, since many tutorials
> already exist for regexps. Several people have asked for regular
> expression support and it's on my list (though it's not high
priority at
the moment).
>
> -- Sam Clippinger
>
> Youri V. Kravatsky wrote:
>> Hello Sam,
>>
>>
>>> BTW, spamdyke won't find a keyword like "dyn" in the middle of
other
>>> text like "dynamic". In order to match, a keyword must (1) be at
>>> the beginning of the name, (2) be surrounded with non-alphanumeric
>>> characters (i.e. dots or dashes) AND include the rDNS name's
TLD (e.g.
>>> "example" would not be found in "11.22.33.44.example.com
<http://11.22.33.44.example.com>") or (3)
>>> the keyword must begin with a dot AND match the entire end of the
>>> rDNS name (e.g. ".example.com <http://example.com>" would
match "11.22.33.44.example.com <http://11.22.33.44.example.com>").
>>> This logic exists to prevent a keyword like "dynamic" from
matching
>>> "11.22.33.44.notdynamic.example.com
<http://11.22.33.44.notdynamic.example.com>".
>>>
>> Well, it is not good really, I know that correctly work on
wildcards
>> is not easy work in C, unlike, perl, but it would be very good
to use
>> file like
>> .*dynamic.*
>> .dynamic*.*
>
>> .broadband*.*
>
>> .*broadband.*
>
>> .*cable.*
>
>> .cable*.*
>
>> .*pppoe.*
>
>> .pppoe*.*
>> Or else we will read log for a full days to find out all
possible
>> home-dynamic-cable-broadband providers all over the world...
>>
_______________________________________________
spamdyke-users mailing list
spamdyke-users@spamdyke.org <mailto:spamdyke-users@spamdyke.org>
http://www.spamdyke.org/mailman/listinfo/spamdyke-users
------------------------------
_______________________________________________
spamdyke-users mailing list
spamdyke-users@spamdyke.org <mailto:spamdyke-users@spamdyke.org>
http://www.spamdyke.org/mailman/listinfo/spamdyke-users
End of spamdyke-users Digest, Vol 17, Issue 37
**********************************************
------------------------------------------------------------------------
_______________________________________________
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users
--
BLACKBIT neue Medien GmbH | BLACKBIT neue Werbung GmbH
Technischer Support/ Hotline
Ernst-Ruhstrat-Straße 6 - D-37079 Göttingen
Geschäftsführer: Stefano Viani
Registergericht: Amtsgericht Göttingen, HRB 3222
Umsatzsteueridentifikationsnummer (§ 27a UstG): DE 813 114 917
Tel: +49-551-50675-50 - Fax: +49-551-50675-20
E-Mail: [EMAIL PROTECTED]
Klassische Werbung und Online-Marketing: http://www.blackbit.de
Software fuer Online-Marketing: http://www.go-community.de
_______________________________________________
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users
