Hi, Can any recommend the most efficient way (ie. minimum human interaction and system resources) to deal with a SPAM situation as shown below where multiple IPs are using multiple domain names to send SPAM to the same email addresses repeatedly (for over 14 days so far)? I've changed the real domain name to domain.com and most of the email addresses being used are no longer are active on our server. Spamdyke is doing a great job of blocking such SPAM but the load on the server is getting too high to be able to use the Plesk Control Panel properly. I'm wondering if someone had a script that would scan the maillog file for FILTER_RDNS_MISSING ip: 59.95.80.11 and either creates a file which contained such IPs that the system administrator could then use to add to the iptables (I think that is what would be used in Centos6) or modifies the iptables automatically. My server is running Centos6 with Parallels Plesk 10.4.4. Any advice would be appreciated.
Jan 29 04:13:06 apexia spamdyke[21825]: FILTER_RDNS_MISSING ip: 119.195.138.22 Jan 29 04:13:06 apexia spamdyke[21825]: DENIED_RDNS_MISSING from: barb...@seaking.net to: b...@domain.com origin_ip: 119.195.138.22 origin_rdns: (unknown) auth: (unknown) encryption: (none) reason: (empty) Jan 29 04:13:06 apexia spamdyke[21825]: DENIED_RDNS_MISSING from: barb...@seaking.net to: t...@domain.com origin_ip: 119.195.138.22 origin_rdns: (unknown) auth: (unknown) encryption: (none) reason: (empty) Jan 29 04:13:06 apexia spamdyke[21825]: DENIED_RDNS_MISSING from: barb...@seaking.net to: thy...@domain.com origin_ip: 119.195.138.22 origin_rdns: (unknown) auth: (unknown) encryption: (none) reason: (empty) Jan 29 04:13:06 apexia spamdyke[21825]: DENIED_RDNS_MISSING from: barb...@seaking.net to: t...@domain.com origin_ip: 119.195.138.22 origin_rdns: (unknown) auth: (unknown) encryption: (none) reason: (empty) ... Jan 29 04:16:38 apexia spamdyke[23081]: FILTER_RDNS_MISSING ip: 59.95.80.11 Jan 29 04:16:38 apexia spamdyke[23081]: DENIED_RDNS_MISSING from: bsoelb...@sunmountaindoors.com to: b...@domain.com origin_ip: 59.95.80.113 origin_rdns: (unknown) auth: (unknown) encryption: (none) reason: (empty) Jan 29 04:16:38 apexia spamdyke[23081]: DENIED_RDNS_MISSING from: bsoelb...@sunmountaindoors.com to: t...@domain.com origin_ip: 59.95.80.113 origin_rdns: (unknown) auth: (unknown) encryption: (none) reason: (empty) Jan 29 04:16:38 apexia spamdyke[23081]: DENIED_RDNS_MISSING from: bsoelb...@sunmountaindoors.com to: thy...@domain.com origin_ip: 59.95.80.113 origin_rdns: (unknown) auth: (unknown) encryption: (none) reason: (empty) Jan 29 04:16:38 apexia spamdyke[23081]: DENIED_RDNS_MISSING from: bsoelb...@sunmountaindoors.com to: t...@domain.com origin_ip: 59.95.80.113 origin_rdns: (unknown) auth: (unknown) encryption: (none) reason: (empty) Thanks for your time and Sam thanks very much for creating Spamdyke. Looking forward to the next version which hopefully addresses the whitelisting/relaying issue. Regards, Shane Bywater _______________________________________________ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users