Shell question
Jack Stone
antennex at hotmail.com
Thu Oct 26 13:28:55 UTC 2006
>From: Warren Block <wblock at wonkity.com>
>To: Jack Stone <antennex at hotmail.com>
>CC: freebsd-questions at freebsd.org
>Subject: Re: Shell question
>Date: Wed, 25 Oct 2006 21:35:55 -0600 (MDT)
>
>On Wed, 25 Oct 2006, Jack Stone wrote:
>
>>Folks:
>>I have managed to piece together a shell script that is able to retrieve
>>the domains from the spams of the day and summarize those in a special
>>file that can then be added to the sendmail's rejects in the access.db.
>>But, first I have to eyeball the list and remove any obvious good-guy
>>domains.
>>
>>I would like to create another list of those same good guys that can be
>>added to each day as they show up, then compare it to the above main list
>>and delete the good guy domains before adding to the access.db.
>
>Greylisting will be much more effective than this approach, and is easier
>to implement. Combine that with sbl-xbl and maybe a few other DNSBLs, add
>greet_pause of five or ten seconds, and you have much more effectiveness
>with less false positives and much less maintenance. Adding clamav rounds
>out the whole thing. I wrote an article that covers some of this:
>
>http://www.wonkity.com/~wblock/greylist.pdf
>
>-Warren Block * Rapid City, South Dakota USA
This shell script is just icing on the cake -- In addition to the DNSBLs, I
have had all of those other filters running for years plus milter-regex in
the front line, then greylist, then clamav, SA.
It's the SA (SpamAssassin) that provides me the list of bad-guy domains.
It's a very short list so I can always still eyeball it and remove any
obvious good ones. It's just sometimes I have made a mistake and let in a
good guy, say, like one of my own domains. If I had a "good-guy list" to
watch over my shoulder and check the bad-guy list before adding to the
access-reject, then those would never happen again. Those bad guys are
pretty obvious by their names.
Even if the domains are "throw-aways", I can stop a few more this way
although I have to purge the sendmail access DB ever so often. My users
might get 1 or 2 spams a month with my line of defenses. Takes a lot of my
time, but worth the results. This shell would be a big help tho.
Would appreciate any more tips on how to have my daily bad-guy list checked
against the good-guy list. Both are flat files with the domains listed in a
single column.
Thanks guys!
Jack
_________________________________________________________________
Try Search Survival Kits: Fix up your home and better handle your cash with
Live Search!
http://imagine-windowslive.com/search/kits/default.aspx?kit=improve&locale=en-US&source=hmtagline
More information about the freebsd-questions
mailing list