Hi, On Tue, May 29, 2007 at 06:12:59AM -0700, Marc Perkel wrote: > I've written a new DNS whitelist/blacklist engine and have been testing > it for about a month and it's working really well and I'm thinking about > publishing it in the Wiki here. Maybe someone can do it even better than
> This simple approach is working very well. The processing takes about 15 > seconds with 4 million lines of messages. It's thousands of times faster > Anyone interested? That sounds fairly similar to an idea I've been thinking about for the last few weeks, but you've beaten me to actually coding it up ;-) I was wondering about something like >99% spam = block outright, >80% spam = add points in SpamAssassin. That should be quite easy when creating DNS lists from the data. I'm seeing a lot of "waves" in the spam/clamav graphs at the moment, obviously trying to get around greylisting. If the same IP comes back again and again (especially to different recipients) and we keep rejecting them, then I guess it's a good indicator they are sending junk. Definitely interested in seeing any implementation details. Do you connect from Exim for each incoming mail (at SMTP time), or just parse logs later (probably faster IMO)? Thanks, Matthew -- Matthew Newton <[EMAIL PROTECTED]> Network Support and UNIX Systems Administrator, Network Services, I.T. Services, University of Leicester, Leicester LE1 7RH, United Kingdom For IT help contact helpdesk extn. 2253, <[EMAIL PROTECTED]> -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
