On 2014-08-16, Alex <[email protected]> wrote: > Hi Ted, > > Didn't know about iplsearch, that's neat. I guess the drawback with > dnsbl is that it's not very granular with the choice of blocking ip > addresses. I cant really block say a /28 for example. Your approach > would be much better for this. At the moment with the dnsbl I am stuck > with knocking out a single IP, a /24 or /16 or /8 (cant imagine EVER > knocking out a /8, that's just insane). > > Is there an iplsearch equivalent that can do MySQL table lookups? I am > really trying to shift away from flat files where possible and have > everything in one central database.
apparently not, If you've not invested too much effort into mysql you might consider using postgresql instead. which can do CIDR lookups. > For the moment DNSbl seems to be working a treat, the same clowns who > are slipping through the cracks got an unexpected surprise this morning > during their usual spam run (I have fail2ban also setup which monitors > the exim rejectlog for the string which matches a connect reject due to > dnsbl listing then firewalls out the IP for a few hours (stops them > trying again and again and again and again and again)). Quite hilarious. > I am literally sitting here laughing whilst watching the reject log. One > small battle against the sneaky spammers where I am winning. greylisting might be another tactic you could use, greylist them for an hour or however long is sufficient for them to find spamhaus, -- umop apisdn -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
