-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Good morning, Joerg...
On Saturday 15 March 2003 04:59 am, Joerg Mertin wrote: > Since I use spamassassin and I'm having my own blacklist (domains/IP's), > the spam attempts have gone down. But if you check > http://www.solsys.org/system.php under Mail/System attacks you'll see > that through the average (Note, you can click on the Index-image for > details) of 5minutes display, it's quite a lot what is happening there. I know. As fast as we block one IP /netblock range, there are half a dozen more from the world trying to introduce themselves to us. <sigh> > My option is to check from time to time what where the worth time where > I had system attacks - then block the IP-Address Class-C ranges out > through a DROP-policy in ip-tables. Since neither myself nor anyone who logs onto any of my boxes has any use for mail from Korea or Japan, I use the "scattergun" approach, and simply drop all packets destined to port 25 from those locations. That seems to cut down the traffic a bit. > Anyone has another hint on how to have a proactive way of preventing > from spam ? Or good links to Howto's for including one of the > distributed blacklists into the own mail-daemon ? Add the following lines to your default sendmail.mc (that is, if you're using Sendmail's latest and greatest). Then run m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf and thump Sendmail (or whatever you call your .mc file and wherever it may happen to be. 8-) FEATURE(dnsbl, blackholes.mail-abuse.org', Rejected - see http://www.mail-abuse.org/rbl/')dnl FEATURE(dnsbl, relays.osirusoft.com', Rejected -- see http://www.osirusoft.com')dnl FEATURE(dnsbl, dialups.mail-abuse.org', Dialup - see http://www.mail-abuse.org/dul/')dnl FEATURE(dnsbl, relays.mail-abuse.org', Open spam relay - see http://work-rss.mail-abuse.org/rss/')dnl FEATURE(dnsbl', relays.ordb.org\', "550 Email rejected due to mail relay - see "\')dnl I'm actually somewhat impressed at the number of spam "hits" that are picked up and rejected by osirusoft on a daily basis, not to mention impressed with how quickly they put someone in the database when good proof is demonstrated that they are spamming any of my domains. If I send them headers, sendmail log entries and proof-of-spam (message) it usually takes less than 24 hours and they are rejected. That beats sending endless complaints to [EMAIL PROTECTED] and receiving meaningful promises that it will be handled. Dave - -- Dave Laird ([EMAIL PROTECTED]) The Used Kharma Lot / The Phoenix Project Web Page: http://www.kharma.net updated 03/05/2003 Usenet News server: news.kharma.net Musicians Calendar and Database access: http://www.kharma.net/calendar.html An automatic & random thought For the Minute: Old Grandad is dead but his spirits live on. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE+c0NZaE1ENZP1A28RAvSAAJ4yIrsubfY1qPv3EI+ehR5+JyptZQCfUjZM mwIIRulZy/n2K/5o1FzVZ9U= =kL0N -----END PGP SIGNATURE-----
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
