Le Vendredi 24 Février 2006 20:18, Eric Fox a écrit : > I do something similar to this. When I've rejected a message as known > spam, a log entry is posted in maillog. I then use logsurfer to monitor > maillog for these entries. Logsurfer parses out the IP and passes it on > to a script that temporarily adds a blocking rule to the firewall, and > comes back a while later to remove the rule. > > This could probably also be done from a router & transport combination as > well. I used logsurfer because I was already using it for other purposes.
Hello, I found the idea of relying on logs checker interesting and I followed it to write "See you later". Basically, it studies logs and expect to find the string ++BAN:IP++. If it founds this, it stores it in a mysql database. And then, another script update /etc/hosts.deny according to the database. I did not spent time to work on integrating this more into Exim because actually I prefer to have a rather simple exim setup, not embedding too much things. And I was not prepared to spend time to write client/server model like spamc/spamd to make something that truly scale - and starting perl new process each time a spam is caught is a no go. The drawback is the delay between the time the spam is caught and the actual ban. But so far it seems to work properly. https://gna.org/projects/seeyoulater/ Regards, -- Mathieu Roy + | Thalie : <http://yeupou.coleumes.org/> | Clio : <http://clio.coleumes.org/> | Euterpe : <http://crap.is.free.fr/> | <http://kromaniaks.coleumes.org/> +-----------------------------------------------------------+
pgpshDYWtTzwB.pgp
Description: PGP signature
-- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
