Re: RBL-type header checking
Michael T. Babcock [EMAIL PROTECTED] wrote: I've written a filter in Python that scans for Received: lines and checks IP addresses found therein against a configurable list of RBL type services. It is in beta stages and definately under development, but it is very functional (doesn't crash for me anymore). http://www.fibrespeed.net/code/spamcheck.tar.gz I get a 404 on /code/ -- but I'm sure this is of interest to some here, including myself. Care to post a new URL? Charles -- --- Charles Cazabon[EMAIL PROTECTED] GPL'ed software available at: http://www.qcc.sk.ca/~charlesc/software/ Any opinions expressed are just that -- my opinions. ---
Re: RBL-type header checking
On Fri, Jun 08, 2001 at 02:02:23AM -0400, Michael T. Babcock wrote: I've written a filter in Python that scans for Received: lines and checks IP addresses found therein against a configurable list of RBL type services. It is in beta stages and definately under development, but it is very functional (doesn't crash for me anymore). http://www.fibrespeed.net/code/spamcheck.tar.gz 404 -- Ben Beuchler There is no spoon. [EMAIL PROTECTED]-- The Matrix
Re: RBL-type header checking
http://www.fibrespeed.net/code/spamcheck.tar.gz 404 Thanks ... http://www.fibrespeed.net/~mbabcock/code/spamcheck.tar.gz -- Michael T. Babcock CTO, FibreSpeed
Re: RBL and ORBS
"Andrew Wafula" [EMAIL PROTECTED] writes: Hello, I was at the ORBS site the other day and I saw that as from 1st Feb 2001 relays.orbs.org would be deleted. This may seem dumb but here goes :). Now, does it mean that we can no longer use it to check for open relays No, they just split it up, to make it easier to pick and choose the parts of ORBS that you want to use. From the same part of the page that says that relays.orbs.org is going away (http://www.orbs.org/usingindex.html): * relays.orbs.org is going away and will be deleted by 1 February 2001. * Manual entries and netblock entries have already been removed from relays.orbs.org. * Use inputs.orbs.org for single stage relay filtering * Use outputs.orbs.org for immediate filtering of multihop relays. * Use delayed-outputs.orbs.org for multihop relay filtering using a 3-5 day grace period. and also the experimental zones: * manual.orbs.org - open relays tested manually and believed to be blocking the tester. Return code is 127.0.0.5. Updated: hourly * spamsources.orbs.org - direct spam sources. Returns 127.0.0.6. Updated: hourly * untestable-netblocks.orbs.org - netblocks known to contain open relays and which have been proven to be blocking the ORBS tester or who have demanded that ORBS not test. Returns 127.0.0.7. Updated: hourly * spamsource-netblocks.orbs.org - spam source and support netblocks. - Returns 127.0.0.8. Updated: hourly What this means is that you can configure your rblsmtpd to use: -routputs.orbs.org to get only use the actual, verified SPAM relays that ORBS does a good job of finding, and avoid all of their political bullshit. And you can use -rinputs.orbs.org on your customers to make sure you don't allow them to send spam through you as a third-party relay. On the whole, it should be a good thing, even if you hate ORBS. Makes it easier to pick and choose which parts of ORBS you agree with, and just filter based on them. And it makes it harder for people to drop mail that is blocked by the somewhat more biased parts of ORBS (like spamsource and untestable-netblocks) without realizing that's what they're doing. and if so what replacement do we have? Although ORBS isn't going anywhere, the RBL (www.mail-abuse.org) does similar things. --ScottG.
Re: RBL and ORBS
On 9 Feb 2001, Scott Gifford wrote: No, they just split it up, to make it easier to pick and choose the parts of ORBS that you want to use. Also I must add to my blacklist the new ORBS addresses to avoid to scan smtp of my servers Thanks for info Piotr --- Piotr Kasztelowicz [EMAIL PROTECTED] [http://www.am.torun.pl/~pekasz]
Re: RBL and ORBS
On Fri, Feb 09, 2001 at 08:47:06AM +0100, Piotr Kasztelowicz wrote: Hello This may seem dumb but here goes :). Now, does it mean that we can no longer use it to check for open relays and if so what replacement do we have? I had said about the mor free time!!! But is this really true, that ORBS has been closed permanently? Not at all. In fact, they are enhancing their service and making it more clear to users by getting rid of relays.orbs.org and serving a couple of other zones. Greetz, Peter.
Re: RBL and ORBS
On Fri, Feb 09, 2001 at 12:55:07PM +0100, Piotr Kasztelowicz wrote: On 9 Feb 2001, Scott Gifford wrote: No, they just split it up, to make it easier to pick and choose the parts of ORBS that you want to use. Also I must add to my blacklist the new ORBS addresses to avoid to scan smtp of my servers How do you know what the addresses of the ORBS testers are? Greetz, Peter.
Re: RBL gone crazy?
On Thu, 14 Dec 2000, asantos wrote: I think this is interesting for this list: http://slashdot.org/yro/00/12/13/1853237.shtml That's a mail policy issue, not a mail server issue. Consider taking RBL-related issues to: [EMAIL PROTECTED] It's certainly on-topic for that list. It'll certainly do nothing but worsen the signal-to-noise ratio here. -- Edward S. Marshall [EMAIL PROTECTED] http://www.nyx.net/~emarshal/ --- [ Felix qui potuit rerum cognoscere causas. ]
Re: RBL
msci.memphis.edu This should be relays.msci.memphis.edu. How did you enter these domains? Why did you enter both dul.maps.vix.com and dialups.mail-abuse.org What is the difference? Mate
Re: RBL
I think I entered the names that I got off of the anti-spam doc on qmail.org. I could have messed up also, thanks for the corrections. At 11:32 AM 11/20/00 -0600, Mate Wierdl wrote: msci.memphis.edu This should be relays.msci.memphis.edu. How did you enter these domains? Why did you enter both dul.maps.vix.com and dialups.mail-abuse.org What is the difference? Mate
Re: rbl users beware: MSN blocked
On Wed, 15 Nov 2000, Jon Rust wrote: Just got a call from an angry MSN user. http://www.internetnews.com/isp-news/article/0,,8_512791,00.html jon It's too bad that companies can't set up two systems... one for people who don't want to receive this spam crap and one for customers who lack clue. Amen for blocking MSN. Scott
Re: rbl users beware: MSN blocked
On Wed, Nov 15, 2000 at 06:58:30PM -0700, Scott D. Yelich wrote: It's too bad that companies can't set up two systems... one for people who don't want to receive this spam crap and one for customers who lack clue. As well as us who actually want to collect spam (for research and investigation purposes): http://em.ca/~bruceg/spam/ -- Bruce Guenter [EMAIL PROTECTED] http://em.ca/~bruceg/ PGP signature
RE: RBL
Dave Gresham [EMAIL PROTECTED] wrote: Not sure about anyone else, however this is about the 30th time I have received this message. Hmm. I only sent it once. :-) Is the message ID the same? Do the Received fields show any unexpected hops? Anyone else seeing these dupes? -Dave -Original Message- From: Dave Sill [mailto:[EMAIL PROTECTED]] Sent: Friday, October 20, 2000 8:05 AM To: [EMAIL PROTECTED] Subject: Re: RBL Mike Jimenez [EMAIL PROTECTED] wrote: First I did this setup and it did not work . tcpserver -p -v -x/etc/tcp.smtp.cdb -u1007 -g1007 0 25 \ rblsmtpd qmail-smtpd 21 | setuser qmaill accustamp | \ setuser qmaill cyclog \ -s100 -n5 /var/log/qmail/qmail-smtpd [root@black(/var/log)]: smstart [x] starting: qmail-pop3, /etc/rc.d/init.d/sendmail: setuser: command not found /etc/rc.d/init.d/sendmail: setuser: command not found accustamp, setuser, and cyclog are from an older version of daemontools. You should read the documentation for the current version of daemontools[1] and convert your script to the new commands setuidgid and multilog. LWQ's example[2] might help. -Dave Footnotes: [1] http://cr.yp.to/daemontools.html [2] http://Web.InfoAve.Net/~dsill/lwq.html#rblsmtpd -Dave
Re: RBL
Mike Jimenez [EMAIL PROTECTED] wrote: First I did this setup and it did not work . tcpserver -p -v -x/etc/tcp.smtp.cdb -u1007 -g1007 0 25 \ rblsmtpd qmail-smtpd 21 | setuser qmaill accustamp | \ setuser qmaill cyclog \ -s100 -n5 /var/log/qmail/qmail-smtpd [root@black(/var/log)]: smstart [x] starting: qmail-pop3, /etc/rc.d/init.d/sendmail: setuser: command not found /etc/rc.d/init.d/sendmail: setuser: command not found accustamp, setuser, and cyclog are from an older version of daemontools. You should read the documentation for the current version of daemontools[1] and convert your script to the new commands setuidgid and multilog. LWQ's example[2] might help. -Dave Footnotes: [1] http://cr.yp.to/daemontools.html [2] http://Web.InfoAve.Net/~dsill/lwq.html#rblsmtpd
Re: RBL... Hmmm...
Believe me, I've been very tempted to blackhole .jp, .kr and don't forget .co.uk or .it but then I realized, for the most port the spam originates from the U.S. and uses an open relay in these countries to spam. I think the long term goal is to educate the admins of these foreign domains. A good way to do that is get them listed in RBL, RSS and DUL. If sending to your domain is important to them, then they'll be prompted to secure their relaying systems. If they do not secure them, then all RBL/DUL/RSS users benefit. Meanwhile, ISPs who catch their customers spamming could apply surcharges, fines and labor costs to the spammers credit card. Sure, they'll never collect, but the spammer won't have credit or a valid credit card to open a new account elsewhere, and spam again. In other words, hit em where it hurts. ... and remeber what the first W stands for in "www" ciao Duane On Mon, 18 Sep 2000, Ben Beuchler wrote: /me digs through the rblsmtpd entries in his log after enabling RSS and DUL... Hmmm... It seems I could have saved a ton of trouble by just blackholing all of .jp and .kr! Heh heh... Anyone tried that? Ben -- Ben Beuchler [EMAIL PROTECTED] MAILER-DAEMON (612) 321-9290 x101 Bitstream Underground www.bitstream.net Duane L - [EMAIL PROTECTED] -
Re: RBL checks and header modification
* Michael T Babcock [EMAIL PROTECTED] writes: Does anyone have a program that does the checks rblsmtpd does, except that it allows the modification of the message header instead of blocking the mail? Procmail, preferably in conjunction with rblcheck: http://www.procmail.org/jari/pm-tips-body.html -- Robin S. Socha http://socha.net/
Re: RBL/MAPS/DUL etc. without rblsmtpd?
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 30 Aug 2000, at 8:24, John Gonzalez/netMDC admin wrote: Am i to understand that rblsmtpd's devlopment has ceased? I think DJB's page says some mention of that, and also instructs that the functionality has been introduced into tcpserver now. You're reading it wrong. It says that rblsmtpd became part of ucspi-tcp package, not of tcpserver. Get the newest ucspi-tcp from http://cr.yp.to/ucspi-tcp.html and when you build the programs, rblsmtpd gets built, too. -BEGIN PGP SIGNATURE- Version: PGP 6.5.2 -- QDPGP 2.61a Comment: http://community.wow.net/grt/qdpgp.html iQA/AwUBOa0MpFMwP8g7qbw/EQIeCwCeISpDc9PqtjQ5X7T1yhFm1KziuH4AoLCK 1MRn3AB81jPQ7emD89XZuYj1 =4DGc -END PGP SIGNATURE- -- Petr Novotny, ANTEK CS [EMAIL PROTECTED] http://www.antek.cz PGP key ID: 0x3BA9BC3F -- Don't you know there ain't no devil there's just God when he's drunk. [Tom Waits]
Re: RBL/MAPS/DUL etc. without rblsmtpd?
On Wed, 30 Aug 2000, Petr Novotny wrote: | -BEGIN PGP SIGNED MESSAGE- | Hash: SHA1 | | On 30 Aug 2000, at 8:24, John Gonzalez/netMDC admin wrote: | | Am i to understand that rblsmtpd's devlopment has ceased? I think | DJB's page says some mention of that, and also instructs that the | functionality has been introduced into tcpserver now. | | You're reading it wrong. It says that rblsmtpd became part of | ucspi-tcp package, not of tcpserver. Get the newest ucspi-tcp from | http://cr.yp.to/ucspi-tcp.html and when you build the programs, | rblsmtpd gets built, too. Ah :) no wonder i cant find any information on anything but rblsmtpd :) I thought perhaps everybody was being lazy and hadnt switched over to the 'new method' yet :) -- ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)439-0200/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 8:30am up 111 days, 14:33, 3 users, load average: 0.11, 0.13, 0.13
Re: RBL/MAPS/DUL etc. without rblsmtpd?
You misunderstood the statement. rblsmtpd is now part of the ucspi-tcp package. See: http://cr.yp.to/ucspi-tcp.html On Wed, 30 Aug 2000, John Gonzalez/netMDC admin wrote: Am i to understand that rblsmtpd's devlopment has ceased? I think DJB's page says some mention of that, and also instructs that the functionality has been introduced into tcpserver now. LWQ still makes mention of using rblsmtpd, and i'm trying to set this up on a new server i'm toying with. Anybody know any good instructions on setting these black hole lists up with tcpserver? -- ___ _ __ _ __ /___ ___ /__ John Gonzalez/Net.Tech __ __ \ __ \ __/_ __ `__ \/ __ /_ ___/ MDC Computers/netMDC! _ / / / `__/ /_ / / / / / / /_/ / / /__ (505)439-0200/fax-437-3052 /_/ /_/\___/\__/ /_/ /_/ /_/\__,_/ \___/ http://www.netmdc.com [-[system info]---] 8:20am up 111 days, 14:23, 2 users, load average: 0.06, 0.10, 0.13 - Timothy L. Mayo mailto:[EMAIL PROTECTED] Senior Systems Administrator localconnect(sm) http://www.localconnect.net/ The National Business Network Inc. http://www.nb.net/ One Monroeville Center, Suite 850 Monroeville, PA 15146 (412) 810- Phone (412) 810-8886 Fax
Re: RBL list
Tonino, The RBL uses DNS, so if your DNS server is local then it is caching copies of the RBL list locally. Henry TAG wrote: Hi, Is there a way of keeping a local copy of the RBL lists and using those instead of trying to get it from the remote site - should this not speed things up - I also know that the list is updated all the time - but can some of you peoples please comment... Thanks Tonino begin:vcard n:Baragar;Henry tel;cell:416-453-5626 tel;work:416-453-5626 x-mozilla-html:TRUE url:www.instantiated.on.ca org:Instantiated Software Inc. adr:;;130 Banff Road;Toronto;Ontario;M4P 2P5;Canada version:2.1 email;internet:[EMAIL PROTECTED] title:Principal fn:Henry Baragar end:vcard S/MIME Cryptographic Signature
Re: RBL list
Henry Baragar wrote: Tonino, The RBL uses DNS, so if your DNS server is local then it is caching copies of the RBL list locally. Henry TAG wrote: Hi, Is there a way of keeping a local copy of the RBL lists and using those instead of trying to get it from the remote site - should this not speed things up - I also know that the list is updated all the time - but can some of you peoples please comment... Thanks Tonino ok - thanks then!! Tonino
Re: RBL list
Tonino, I think I spoke too soon (only on my first cup of coffee)... Specific entries will have been cached if they have been seen before, but not necessarily the whole list. However, you can use DNS to get the complete list: see http://maps.vix.com/rbl/usage.html. Henry Henry Baragar wrote: Tonino, The RBL uses DNS, so if your DNS server is local then it is caching copies of the RBL list locally. Henry TAG wrote: Hi, Is there a way of keeping a local copy of the RBL lists and using those instead of trying to get it from the remote site - should this not speed things up - I also know that the list is updated all the time - but can some of you peoples please comment... Thanks Tonino ok - thanks then!! Tonino begin:vcard n:Baragar;Henry tel;cell:416-453-5626 tel;work:416-453-5626 x-mozilla-html:TRUE url:www.instantiated.on.ca org:Instantiated Software Inc. adr:;;130 Banff Road;Toronto;Ontario;M4P 2P5;Canada version:2.1 email;internet:[EMAIL PROTECTED] title:Principal fn:Henry Baragar end:vcard S/MIME Cryptographic Signature
Re: RBL list
On Tue, Jul 18, 2000 at 12:04:59PM +0200, TAG [EMAIL PROTECTED] wrote: Is there a way of keeping a local copy of the RBL lists and using those instead of trying to get it from the remote site - should this not speed things up - I also know that the list is updated all the time - but can some of you peoples please comment... To get the RBL list you need to go through some extra steps. The last time a checked you needed to sign an agreement not to hold MAPS liable for problems. Also note that when keeping a local copy of the list, you have to worry about what happens when MAPS takes some set of addresses off the list. There are ways to get complete copies of some other RBL styled lists. You might try looking at the primary web site for each list you are interested in to see what their policies are.
Re: RBL list
On Tue, Jul 18, 2000 at 08:49:48AM -0500, Bruno Wolff III wrote: ! There are ways to get complete copies of some other RBL styled lists. Indeed. DJB himself said as much on the dns list: http://marc.theaimsgroup.com/?m=95836494819286 ---Chris K. -- Chris, the Young One |_ but what's a dropped message between friends? Auckland, New Zealand |_ this is UDP, not TCP after all ;) ---John H. http://cloud9.hedgee.com/ |_ Robinson, IV PGP: 0xCCC6114E/0x706A6AAD |_
Re: RBL list
No, RBL onlt requires that you do that if you want certian levels of filtering (namely DNS). uscpi-tcp-88 has RBL built in.. www.qmail.org Paul Farber Farber Technology [EMAIL PROTECTED] Ph 570-628-5303 Fax 570-628-5545 On Tue, 18 Jul 2000, Bruno Wolff III wrote: On Tue, Jul 18, 2000 at 12:04:59PM +0200, TAG [EMAIL PROTECTED] wrote: Is there a way of keeping a local copy of the RBL lists and using those instead of trying to get it from the remote site - should this not speed things up - I also know that the list is updated all the time - but can some of you peoples please comment... To get the RBL list you need to go through some extra steps. The last time a checked you needed to sign an agreement not to hold MAPS liable for problems. Also note that when keeping a local copy of the list, you have to worry about what happens when MAPS takes some set of addresses off the list. There are ways to get complete copies of some other RBL styled lists. You might try looking at the primary web site for each list you are interested in to see what their policies are.
Re: RBL list
On Tue, Jul 18, 2000 at 10:44:49AM -0400, Paul Farber [EMAIL PROTECTED] wrote: No, RBL onlt requires that you do that if you want certian levels of filtering (namely DNS). uscpi-tcp-88 has RBL built in.. www.qmail.org But this program does a remote lookup each time. The original question asked about getting a complete copy of the database to speed up lookups.
Re: RBL list
The part I was zeroing in on was that you needed to sign a waiver to use the RBL. That is incorrect. You need to sign a waiver if you get the zone file via DNS zone transfers. I'm using RBL now and didn't sign a thing but I don't use the zone file. Paul Farber Farber Technology [EMAIL PROTECTED] Ph 570-628-5303 Fax 570-628-5545 On Tue, 18 Jul 2000, Bruno Wolff III wrote: On Tue, Jul 18, 2000 at 10:44:49AM -0400, Paul Farber [EMAIL PROTECTED] wrote: No, RBL onlt requires that you do that if you want certian levels of filtering (namely DNS). uscpi-tcp-88 has RBL built in.. www.qmail.org But this program does a remote lookup each time. The original question asked about getting a complete copy of the database to speed up lookups.
Re: RBL list
If you use a caching nameserver, frequent domains will automatically be cached for a given amount of time. If you read the entire website for the RBL (or other related lists) you'll find that they have subscription options ... basically you'd set yourself up as a slave server that downloads the list. This isn't really practical in my experience because it is a large amount of bandwidth to download the lists periodically ... TAG wrote: Is there a way of keeping a local copy of the RBL lists and using those instead of trying to get it from the remote site - should this not speed things up - I also know that the list is updated all the time - but can some of you peoples please comment...
Re: RBL
Noah Sutherland [EMAIL PROTECTED] writes on 11 November 1999 at 14:43:25 -0800 I am trying to set up the RBL for the first time. It just is *not* working. OK, first, here is the recommended startup line from the web site: tcpserver 0 25 tcpcontrol /etc/smtp.cdb /usr/local/bin/smtplog qmail-smtpd 21 | logger -p mail.notice Since I'm running ucspi 0.84, I believe I shouldn't use tcpcontrol (correct?) so here is my current startup line: /usr/local/bin/tcpserver -c100 -u502 -g501 -x/etc/tcp.smtp.cdb 0 25 /var/qmail/bin/smtplog /var/qmail/bin/qmail-smtpd 21 | logger -p mail.notice What method of RBL are you trying to use? The standard qmail method requires running rblsmtpd, which I don't see you doing. There were some old patches to integrate the functionality into qmail; were you using those instead? Anyway, here's what I do (sorry for the complexity; it doesn't need to be this messy, but I'm afraid if I fake it I'll get something wrong): rblzones="rbl.maps.vix.com relays.mail-abuse.org dul.maps.vix.com" rblprog="/usr/bin/rblsmtpd" rblcmd="" for zn in $rblzones ; do rblcmd="$rblcmd $rblprog -b -r $zn" done (this produces an rblcmd that looks something like "/usr/bin/rblsmtpd -b -r dul.maps.vix.com /usr/bin/rblsmtpd -b -r relays.mail-abuse.org /usr/bin/rbmsmtpd -b -r rbl.maps.fix.com", but with no line breaks in it) /usr/local/bin/supervise /var/run/tcpserver-qmail /usr/local/bin/tcpserver -v -pR -c50 -u70 -g70 -x/etc/tcp.smtp.cdb 0 smtp $rblcmd /var/qmail/bin/qmail-smtpd 21 | /var/qmail/bin/splogger smtpd 2 What this ends up being is a big stack of programs which do their thing, and then exec other programs to do another thing. The last one invoked is the actual qmail-smtpd. Here's what my tcp.smtp looks like: # tcpcontrol(8) rules for qmail smtp daemon # # In general, anywhere I want to allow relaying from, I probably want # to ignore spamblocks too. # Allow relaying from my own addresses -- at gofast 206.147.220.161-165:allow,RELAYCLIENT="",RBLSMTPD="" # # Blaisdell poly USWest static address 63.224.10.78:allow,RELAYCLIENT="",RBLSMTPD="" # # Lydy at work (All of MultiLogic, really used just by Lydy) 206.144.140.:allow,RELAYCLIENT="",RBLSMTPD="" # # Finally, allow anything else, but without relaying # (Domains to refuse entirely would go above this) :allow And this has to be compiled into a cdb with a command like tcprules tcp.smtp.cdb ddbfoobar tcp.smtp -- David Dyer-Bennet / Join the 20th century before it's too late! / [EMAIL PROTECTED] http://dd-b.lighthunters.net/ (photos) Minicon: http://www.mnstf.org/minicon http://www.dd-b.net/dd-b (sf) http://ouroboros.demesne.com/ Ouroboros Bookworms
Re: RBL
On Fri, 12 Nov 1999, David Dyer-Bennet wrote: What method of RBL are you trying to use? The standard qmail method requires running rblsmtpd, which I don't see you doing. There were some old patches to integrate the functionality into qmail; were you using those instead? I was trying the patches. That's what I get for going to the qmail web page and searching for rbl. ;) Thanks. I think I have it working now. Sincerely, Noah Sutherland System Administrator - Internet On-Ramp [EMAIL PROTECTED] To get my PGP public key, please email to [EMAIL PROTECTED] or you can get it at BAL's public key server at http://pgp.ai.mit.edu/
Re: RBL, DUL, Shubs, woohoo
Hi Doug, What is the *best* means to use the RBL, DUL, Shubs, and others, with qmail-smtpd and be able to allow our dialups to relay? tcpserver/tcprules will take care of the selective relaying, and rblsmtpd (available from ftp://koobera.math.uic.edu/pub/software/) will handle RBL for you Evan
Re: RBL-Stats v1.0 Released
hey all, here is a quickie little program i wrote to see exactly what rblsmtp is doing for you, here is an example of the output: #!/bin/sh echo "RBL-Stats v1.0 by xs [EMAIL PROTECTED]" echo "" echo "checking your logfile, this'll take a few." cat $1|grep rblsmtp ~/.rbltmp.bak echo "Since `head -1 ~/.rbltmp.bak|awk '{print $1" "$2" "$3}`" echo "RBL has blocked `grep "com/cgi" ~/.rbltmp.bak|wc -l` connections." echo "DUL has blocked `grep "com/dul" ~/.rbltmp.bak|wc -l` connections." echo "DSSL has blocked `grep dssl ~/.rbltmp.bak|wc -l` connections." echo "ORBS has blocked `grep orbs.org ~/.rbltmp.bak|wc -l` connections." echo "" echo "For a total of `grep rblsmtp ~/.rbltmp.bak|wc -l` connections blocked." echo "Great Hunt." rm ~/.rbltmp.bak #EOF Has anyone managed to get this to run? My /bin/sh doesn't do ~ expansion and the awk line appears tohave syntax errors with either the " or the ` or both. Scott
Re: RBL-Stats v1.0 Released
Hi, it looks like you have a very special Unix tho (: the scriptie worked fine for me. On Wed, Mar 24, 1999 at 12:48:25AM -0700, Scott D. Yelich wrote: Has anyone managed to get this to run? My /bin/sh doesn't do ~ expansion and the awk line appears tohave syntax errors with either the " or the ` or both. Pashah -- http://www.spb.sitek.net/~pashah/public-key-0x97739141.pgp
Re: RBL(s)
On Tue, Mar 23, 1999 at 07:55:05PM -0500, xs wrote: as anyone had the pleasure of dealing with some of the (excuse the language) ass pirates that refuse to fix their MTA(s) or work to get their sites taken out of the ORBS, RBL, DSSL, or DUL databases? We haven't had these types of complaints yet, as we only use RBL and DUL on a site basis currently. I do use ORBS on my personal account in an advisory basis (mail goes to a separate folder not bounced) but I don't think I can enable it for our site. gte.net (which one of my friends use) and a few competitor ISP's are in ORBS and I don't want to lose e-mail coming from them. I catch most of the SPAM using a procmail receipe by simplying looking for e-mail not specifically addressed to me (or any of my known aliases). ORBS comes second. We hardly ever see RBL or DUL rejects, but I guess we're not a big enough site yet. Tim
Re: RBL-Stats v1.0 Released
On Wed, Mar 24, 1999 at 12:48:25AM -0700, Scott D. Yelich wrote: blocked." echo "Great Hunt." rm ~/.rbltmp.bak #EOF Has anyone managed to get this to run? My /bin/sh doesn't do ~ expansion and the awk line appears tohave syntax errors with either the " or the ` or both. Traditional bourne shells did not do tilde expansion. The newer sh that comes with OS's like FreeBSD will do tilde expansion. It's best to use csh for tilde expansion to maintain portability, or to explicitly use bash. -- System Administrator See complete headers for address, homepage and phone numbers
Re: RBL-Stats v1.0 Released
Pavel V. Piankov [EMAIL PROTECTED] writes on 24 March 1999 at 14:43:47 +0300 Hi, it looks like you have a very special Unix tho (: the scriptie worked fine for me. On Wed, Mar 24, 1999 at 12:48:25AM -0700, Scott D. Yelich wrote: Has anyone managed to get this to run? My /bin/sh doesn't do ~ expansion and the awk line appears tohave syntax errors with either the " or the ` or both. The real Bourne shell does not do ~ expansion. Bash DOES do ~ expansion. Bash is commonly found as /bin/sh on Linux boxes, and I hear on *BSD as well. So actually, the person writing the script had the unusual Unix. -- David Dyer-Bennet [EMAIL PROTECTED] http://www.ddb.com/~ddb (photos, sf) Minicon: http://www.mnstf.org/minicon http://ouroboros.demesne.com/ The Ouroboros Bookworms Join the 20th century before it's too late!
Re: RBL(s)
anyway, thats what the BS in ORBS stands for, Behavor modification System. I had an experience like this. I moved my email activity over to my own LAN, using qmail, from my newly upgraded account with a "real" ISP, using sendmail and fetchmail to do the ISP-related activity (via PPP dial-up on my modem, etc.). That was a few months ago. A month or so ago, my outgoing emails started getting rejected by a set of mailing lists that are pretty much crucial to my daily work. (These lists had been moved to a new machine specifically to allow the host to accommodate existing customers, who might be on ORBS-listed sites, while hosting these particular lists via qmail+ezmlm. I could actually get email through via the old list addresses, which were being maintained as forwarding addresses for a limited time.) Turned out, my "real" ISP was ORBS-listed. I verified this myself (hey, the bounce messages explained how to do it, pretty cool). So, I contacted my ISP. Their first few responses were along the lines of "ORBS is stupid, it lists sites that aren't really open relays, pretty much everyone knows this, so nobody should use ORBS listing alone just to block a site". Having reviewed the material at the ORBS site, and not having enough of a clue to really know who or what to trust, I told them, a couple of times, that "well, it looks like your claim at least *was* right at one time, but these days ORBS claims to be new, improved, and have its act together, and the people maintaining these particular lists are probably not entirely clueless -- consider reviewing ORBS and/or contacting the postmaster at the mailing-list site, to learn about whether ORBS might really have a point about your email relay". A few days later, the problem was resolved: my ISP's site was delisted at ORBS. So, the problem (with ORBS, in this case) isn't necessarily a clueless sysadmin, though it might be with a sysadmin who is so experienced he remembers when ORBS was a bad thing. At least for me, it was worth taking the time to patiently suggest that, perhaps, despite the same old name, the new version was better. Of course, the above lesson probably won't help when dealing with people who think their relays must remain open, except in the sense that, perhaps even with them, patient suggestions beat "you're a clueless incompetent" on occasion. :) tq vm, (burley)
Re: RBL-Stats v1.0 Released
Joel Eriksson wrote: Have you ever heard about symlink-in-tmp problems?.. That is a classic mistake. Erm, I haven't. Where would I read about such things, and other "classic" mistakes? R. -- Two rules to success in life: 1. Don't tell people everything you know. -- Sassan Tat