Hi,
Can any recommend the most efficient way (ie. minimum human
interaction and system resources) to deal with a SPAM situation as shown
below where multiple IPs are using multiple domain names to send SPAM to
the same email addresses repeatedly (for over 14 days so far)? I've
changed the real domain name to domain.com and most of the email
addresses being used are no longer are active on our server. Spamdyke
is doing a great job of blocking such SPAM but the load on the server is
getting too high to be able to use the Plesk Control Panel properly.
I'm wondering if someone had a script that would scan the maillog file
for FILTER_RDNS_MISSING ip: 59.95.80.11 and either creates a file which
contained such IPs that the system administrator could then use to add
to the iptables (I think that is what would be used in Centos6) or
modifies the iptables automatically. My server is running Centos6 with
Parallels Plesk 10.4.4. Any advice would be appreciated.
Jan 29 04:13:06 apexia spamdyke[21825]: FILTER_RDNS_MISSING ip:
119.195.138.22
Jan 29 04:13:06 apexia spamdyke[21825]: DENIED_RDNS_MISSING from:
barb...@seaking.net to: b...@domain.com origin_ip: 119.195.138.22
origin_rdns: (unknown) auth: (unknown) encryption: (none) reason: (empty)
Jan 29 04:13:06 apexia spamdyke[21825]: DENIED_RDNS_MISSING from:
barb...@seaking.net to: t...@domain.com origin_ip: 119.195.138.22
origin_rdns: (unknown) auth: (unknown) encryption: (none) reason: (empty)
Jan 29 04:13:06 apexia spamdyke[21825]: DENIED_RDNS_MISSING from:
barb...@seaking.net to: thy...@domain.com origin_ip: 119.195.138.22
origin_rdns: (unknown) auth: (unknown) encryption: (none) reason: (empty)
Jan 29 04:13:06 apexia spamdyke[21825]: DENIED_RDNS_MISSING from:
barb...@seaking.net to: t...@domain.com origin_ip: 119.195.138.22
origin_rdns: (unknown) auth: (unknown) encryption: (none) reason: (empty)
...
Jan 29 04:16:38 apexia spamdyke[23081]: FILTER_RDNS_MISSING ip: 59.95.80.11
Jan 29 04:16:38 apexia spamdyke[23081]: DENIED_RDNS_MISSING from:
bsoelb...@sunmountaindoors.com to: b...@domain.com origin_ip:
59.95.80.113 origin_rdns: (unknown) auth: (unknown) encryption: (none)
reason: (empty)
Jan 29 04:16:38 apexia spamdyke[23081]: DENIED_RDNS_MISSING from:
bsoelb...@sunmountaindoors.com to: t...@domain.com origin_ip:
59.95.80.113 origin_rdns: (unknown) auth: (unknown) encryption: (none)
reason: (empty)
Jan 29 04:16:38 apexia spamdyke[23081]: DENIED_RDNS_MISSING from:
bsoelb...@sunmountaindoors.com to: thy...@domain.com origin_ip:
59.95.80.113 origin_rdns: (unknown) auth: (unknown) encryption: (none)
reason: (empty)
Jan 29 04:16:38 apexia spamdyke[23081]: DENIED_RDNS_MISSING from:
bsoelb...@sunmountaindoors.com to: t...@domain.com origin_ip:
59.95.80.113 origin_rdns: (unknown) auth: (unknown) encryption: (none)
reason: (empty)
Thanks for your time and Sam thanks very much for creating Spamdyke.
Looking forward to the next version which hopefully addresses the
whitelisting/relaying issue.
Regards,
Shane Bywater
_______________________________________________
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users
