Jack Stone wrote:
From: Warren Block <[EMAIL PROTECTED]>
To: Jack Stone <[EMAIL PROTECTED]>
CC: freebsd-questions@freebsd.org
Subject: Re: Shell question
Date: Wed, 25 Oct 2006 21:35:55 -0600 (MDT)

On Wed, 25 Oct 2006, Jack Stone wrote:

I have managed to piece together a shell script that is able to retrieve the domains from the spams of the day and summarize those in a special file that can then be added to the sendmail's rejects in the access.db. But, first I have to eyeball the list and remove any obvious good-guy domains.

I would like to create another list of those same good guys that can be added to each day as they show up, then compare it to the above main list and delete the good guy domains before adding to the access.db.

Greylisting will be much more effective than this approach, and is easier to implement. Combine that with sbl-xbl and maybe a few other DNSBLs, add greet_pause of five or ten seconds, and you have much more effectiveness with less false positives and much less maintenance. Adding clamav rounds out the whole thing. I wrote an article that covers some of this:


-Warren Block * Rapid City, South Dakota USA

This shell script is just icing on the cake -- In addition to the DNSBLs, I have had all of those other filters running for years plus milter-regex in the front line, then greylist, then clamav, SA.

It's the SA (SpamAssassin) that provides me the list of bad-guy domains. It's a very short list so I can always still eyeball it and remove any obvious good ones. It's just sometimes I have made a mistake and let in a good guy, say, like one of my own domains. If I had a "good-guy list" to watch over my shoulder and check the bad-guy list before adding to the access-reject, then those would never happen again. Those bad guys are pretty obvious by their names.

Even if the domains are "throw-aways", I can stop a few more this way although I have to purge the sendmail access DB ever so often. My users might get 1 or 2 spams a month with my line of defenses. Takes a lot of my time, but worth the results. This shell would be a big help tho.

Would appreciate any more tips on how to have my daily bad-guy list checked against the good-guy list. Both are flat files with the domains listed in a single column.

Thanks guys!


See comm(1).
freebsd-questions@freebsd.org mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to