Jack Stone wrote:
From: Warren Block <[EMAIL PROTECTED]>
To: Jack Stone <[EMAIL PROTECTED]>
Subject: Re: Shell question
Date: Wed, 25 Oct 2006 21:35:55 -0600 (MDT)
On Wed, 25 Oct 2006, Jack Stone wrote:
I have managed to piece together a shell script that is able to
retrieve the domains from the spams of the day and summarize those in
a special file that can then be added to the sendmail's rejects in
the access.db. But, first I have to eyeball the list and remove any
obvious good-guy domains.
I would like to create another list of those same good guys that can
be added to each day as they show up, then compare it to the above
main list and delete the good guy domains before adding to the
Greylisting will be much more effective than this approach, and is
easier to implement. Combine that with sbl-xbl and maybe a few other
DNSBLs, add greet_pause of five or ten seconds, and you have much more
effectiveness with less false positives and much less maintenance.
Adding clamav rounds out the whole thing. I wrote an article that
covers some of this:
-Warren Block * Rapid City, South Dakota USA
This shell script is just icing on the cake -- In addition to the
DNSBLs, I have had all of those other filters running for years plus
milter-regex in the front line, then greylist, then clamav, SA.
It's the SA (SpamAssassin) that provides me the list of bad-guy domains.
It's a very short list so I can always still eyeball it and remove any
obvious good ones. It's just sometimes I have made a mistake and let in
a good guy, say, like one of my own domains. If I had a "good-guy list"
to watch over my shoulder and check the bad-guy list before adding to
the access-reject, then those would never happen again. Those bad guys
are pretty obvious by their names.
Even if the domains are "throw-aways", I can stop a few more this way
although I have to purge the sendmail access DB ever so often. My users
might get 1 or 2 spams a month with my line of defenses. Takes a lot of
my time, but worth the results. This shell would be a big help tho.
Would appreciate any more tips on how to have my daily bad-guy list
checked against the good-guy list. Both are flat files with the domains
listed in a single column.
email@example.com mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"