I've modified Gordon Messmer's ratelimit.py to look for emails using name servers frequently used by spammers and rate-limit accordingly.
Spamming operations frequently switch IP addresses and address groups, and use a near-infinite number of domain names, often obtained from registries that offer 'name tasting' - free trials of names which can be used and abandoned at no cost. Since most receiving MTAs require that the domain names of originating servers, as given in the HELO SMTP greeting, must resolve. For this, spammers need name servers which will handle name resolution for them and their options for usable name servers are far more limited. The baddns.py module is a variation on Gordon Messmer's ratelimit.py pythonfilter module for the Courier SMTP server which applies rate-limiting based on a lookup of the name servers for a domain name, comparing the discovered name servers with a list of name servers known to be used by spammers. This pythonfilter module is available in a tarball (with a README) at <http://www.fmp.com/courier-pythonfilter-baddns.tar.gz> Suggestions and/or criticisms are welcome. I'm using this module here and it's proving to be VERY effective :) -- Lindsay Haisley | "UNIX is user-friendly, it just FMP Computer Services | chooses its friends." 512-259-1190 | -- Andreas Bogk http://www.fmp.com | ------------------------------------------------------------------------------ BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT Develop your own process in accordance with the BPMN 2 standard Learn Process modeling best practices with Bonita BPM through live exercises http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- event?utm_ source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF _______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
