I've modified Gordon Messmer's ratelimit.py to look for emails using
name servers frequently used by spammers and rate-limit accordingly.

Spamming operations frequently switch IP addresses and address groups,
and use a near-infinite number of domain names, often obtained from
registries that offer 'name tasting' - free trials of names which can be
used and abandoned at no cost.  Since most receiving MTAs require that
the domain names of originating servers, as given in the HELO SMTP
greeting, must resolve.  For this, spammers need name servers which will
handle name resolution for them and their options for usable name
servers are far more limited.

The baddns.py module is a variation on Gordon Messmer's ratelimit.py
pythonfilter module for the Courier SMTP server which applies
rate-limiting based on a lookup of the name servers for a domain name,
comparing the discovered name servers with a list of name servers known
to be used by spammers.

This pythonfilter module is available in a tarball (with a README) at
<http://www.fmp.com/courier-pythonfilter-baddns.tar.gz>

Suggestions and/or criticisms are welcome.  I'm using this module here
and it's proving to be VERY effective :)

-- 
Lindsay Haisley       | "UNIX is user-friendly, it just
FMP Computer Services |       chooses its friends."
512-259-1190          |          -- Andreas Bogk
http://www.fmp.com    |


------------------------------------------------------------------------------
BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT
Develop your own process in accordance with the BPMN 2 standard
Learn Process modeling best practices with Bonita BPM through live exercises
http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- event?utm_
source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF
_______________________________________________
courier-users mailing list
courier-users@lists.sourceforge.net
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Reply via email to