Re: How to incorporate network blocks

On 2022-11-14 at 14:09:14 UTC-0500 (Mon, 14 Nov 2022 12:09:14 -0700) Grant Taylor via users is rumored to have said: > On 11/11/22 10:10 AM, Bill Cole wrote: >> From my bashrc... >> >> # type cidrcon >> cidrcon is a function >> cidrcon () >> { >> for a in $*; >> do >> echo

Re: How to incorporate network blocks

On 11/11/22 10:10 AM, Bill Cole wrote: From my bashrc... # type cidrcon cidrcon is a function cidrcon () { for a in $*; do echo $a; done | perl -e "use Net::CIDR::Lite; \$cidr = Net::CIDR::Lite->new(<>) ; \$_ = join (\"\n\",\$cidr->list) ; print \"\$_\n\";" } Oh ...

Re: How to incorporate network blocks

Actually, ipset supports - syntax:    CREATE-OPTIONS := range fromip-toip|ip/cidr [ netmask cidr ] [ timeout value ] [ counters ] [ comment ] [ skbinfo ] On 11/11/2022 18:10, Bill Cole wrote: On 2022-11-11 at 11:26:13 UTC-0500 (Fri, 11 Nov 2022 09:26:13 -0700) Grant Taylor via users is

Re: How to incorporate network blocks

On 2022-11-11 at 11:26:13 UTC-0500 (Fri, 11 Nov 2022 09:26:13 -0700) Grant Taylor via users is rumored to have said: > On 11/11/22 9:09 AM, Bert Van de Poel wrote: >> - IP/CIDR lists like the one you mention, but also lists like Stop Forum >> Spam (https://www.stopforumspam.com/) I cron fetch

Re: How to incorporate network blocks

On 11.11.22 17:09, Bert Van de Poel wrote: I've been dealing with IP blocklists using two other methods before email even reaches SA: - In postfix my smtpd_recipient_restrictions includes "reject_rbl_client zen.spamhaus.org, reject_rhsbl_reverse_client dbl.spamhaus.org, reject_rhsbl_helo

Re: How to incorporate network blocks

On 11/11/22 9:09 AM, Bert Van de Poel wrote: - IP/CIDR lists like the one you mention, but also lists like Stop Forum Spam (https://www.stopforumspam.com/) I cron fetch then add to an ipset with a DROP (which is quite similar to what others are suggesting). Stop Forum Spam seems interesting.

Re: How to incorporate network blocks

I've been dealing with IP blocklists using two other methods before email even reaches SA: - In postfix my smtpd_recipient_restrictions includes "reject_rbl_client zen.spamhaus.org, reject_rhsbl_reverse_client dbl.spamhaus.org, reject_rhsbl_helo dbl.spamhaus.org, reject_rhsbl_sender

Re: How to incorporate network blocks

On 11/10/22 9:54 AM, Joey J wrote: Hello All, Hi, I'm trying to see if there is a way to incorporate network ranges into SA to essentially flag messages. N.B. at least one of the lists below is individual IPs and not networks / ranges of IPs. -- I'm not sure how to square that peg with

Re: How to incorporate network blocks

Hi, I can't speak for the other feeds, but for our (DROP), if you register a DQS key and install our plugin it would work out of the box On 10/11/22 17:54, Joey J wrote: I'm trying to incorporate: feeds.dshield.org/block.txt

How to incorporate network blocks

Hello All, I'm trying to see if there is a way to incorporate network ranges into SA to essentially flag messages. I know I can use iptables and reject it before getting to SA, but in some cases we would have legit email get flagged within these bigger blocks. I'm trying to incorporate: