Here's the link:

http://wiki.exim.org/InformationGathering


  Using Exim for Real Time Information Gathering

Exim has a very powerful feature, ReadSocket 
<http://wiki.exim.org/ReadSocket>, that allows Exim to send simple TCP/IP 
messages. These messages can be accepted and stored for real time data 
processing. The idea is that multiple Exim installations that are 
processing email could, for example, send black list data to a central 
gathering computer. The central gathering computer could update a 
blacklist RBL in real time, making the blacklist information available to 
the world within seconds or minutes after the event occurred. In this 
example we'll assume that an Exim server has detected a virus bot and 
wants to report the IP address of the virus to a centralized blacklist. 
The centralized blacklist is receiving the TCP messages from many 
reporters who are all part of a spam fighting group.


    The Exim Sending Code

In this example we have Exim servers configured to send simple one-line 
messages to a central location that is gathering the status of IP 
addresses. The message will look like this:

black 1.2.3.4

The message is sent using the Exim ReadSocket 
<http://wiki.exim.org/ReadSocket> feature.

set acl_c_socket = ${readsocket{inet:listening-server.com:444}{black $sender_host_address\n}{3s}{}{}}

In the above example the message "black" along with the IP address of 
the sender is sent on a single line to the host "listening-server.com" 
on port 444. You can of course send any messages you can construct. You 
might want to send "white" and an IP address to white list.


    The Listening End

The listening end can be any program that accepts connections and does 
something with the information. In this simple example we will just take 
the data and store it in a file in /tmp/karma.log.

socat -u TCP4-LISTEN:444,reuseaddr,fork OPEN:/tmp/karma.log,creat,append&

This file could be harvested once a minute, for example, and processed 
into an RBL. Or you could do something more interesting like update a 
MySQL database that is controlling an RBL to make the information 
available instantly.


    The Purpose

If a coalition of Exim users organized to provide real time data to an 
IP or host name based reputation service, where all who participated 
shared in the results, it could become a powerful spam fighting tool. 
Exim with its ReadSocket <http://wiki.exim.org/ReadSocket> command is 
well suited for such a project.

-- 
## List details at http://lists.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
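
The once-a-minute harvest of /tmp/karma.log described under "The Listening End", sketched as an added example that is not part of the original post or the Exim wiki. The listener writes whatever arrives on the port, so every line is validated before it can affect the list. The report threshold, the whitelist-wins rule, the never-list ranges and the zone name rbl.example.org are assumptions, and the log content is constructed.

```python
import ipaddress
from collections import Counter
# Constructed sample of /tmp/karma.log, including junk that anyone able to
# reach the open listener port could have written into it.
SAMPLE_LOG = """\
black 192.0.2.10
black 192.0.2.10
black 198.51.100.7
black 198.51.100.7
white 198.51.100.7
black 203.0.113.5
black 127.0.0.1
black not-an-ip
delete everything
"""
# Assumption: ranges that must never be listed, whatever a reporter sends.
NEVER_LIST = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "127.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def parse_line(line):
    """Return (verb, IPv4Address), or None for anything malformed."""
    parts = line.split()
    if len(parts) != 2 or parts[0] not in ("black", "white"):
        return None
    try:
        ip = ipaddress.IPv4Address(parts[1])
    except ValueError:
        return None
    if any(ip in net for net in NEVER_LIST):
        return None
    return parts[0], ip

def build_rbl(log_text, min_reports=2):
    """Return (sorted listed IPs, count of rejected lines)."""
    black, white, rejected = Counter(), set(), 0
    for line in log_text.splitlines():
        parsed = parse_line(line)
        if parsed is None:
            rejected += 1
        elif parsed[0] == "white":
            white.add(parsed[1])
        else:
            black[parsed[1]] += 1
    listed = sorted(ip for ip, n in black.items()
                    if n >= min_reports and ip not in white)
    return listed, rejected

def dnsbl_name(ip, zone="rbl.example.org"):  # zone is a placeholder
    return ".".join(reversed(str(ip).split("."))) + "." + zone
```

A rising rejected count is worth alerting on, since it means something other than the Exim reporters is writing to the port.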
