Greetings, Could please let me know if there is a way to whitelist a domain on the IP_IN_RDNS_KEYWORDS on a per domain basis.
Say we get user complaining about a domain called example.com, and they say, I am the owner of example.com and want this feature not used onto our domain even though you host it for us. ~~~~~~~~~~~~~~~ Oct 21 11:46:44 mail01 spamdyke[24348]: DENIED_IP_IN_RDNS from: [EMAIL PROTECTED] to: [EMAIL PROTECTED] origin_ip: 66.49.15.190origin_rdns: 66.49.15.190.nw.nuvox.net auth: (unknown) ~~~~~~~~~~~~~~~~~~~~ We have the RDNS blocked in our server via keyword:- .nuvox.net Is it possible to just put a whitelist for example.com and deny all others matching this keyword. Thanks, Linto Paul On Thu, Oct 16, 2008 at 10:30 PM, <[EMAIL PROTECTED]>wrote: > Send spamdyke-users mailing list submissions to > [email protected] > > To subscribe or unsubscribe via the World Wide Web, visit > http://www.spamdyke.org/mailman/listinfo/spamdyke-users > or, via email, send a message with subject or body 'help' to > [EMAIL PROTECTED] > > You can reach the person managing the list at > [EMAIL PROTECTED] > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of spamdyke-users digest..." > > > Today's Topics: > > 1. Regular-Expression Support (Felix Buenemann) > 2. Re: spamdyke +ip-in-rdns-keyword-blacklist-entry option > (Arthur Girardi) > 3. Re: spamdyke +ip-in-rdns-keyword-blacklist-entry option > (Felix Buenemann) > 4. Re: spamdyke +ip-in-rdns-keyword-blacklist-entryoption > (Tim Mancour) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Thu, 16 Oct 2008 17:07:56 +0200 > From: Felix Buenemann <[EMAIL PROTECTED]> > Subject: [spamdyke-users] Regular-Expression Support > To: [email protected] > Message-ID: <[EMAIL PROTECTED]> > Content-Type: text/plain; charset=ISO-8859-15 > > Hi Sam, > > I wonder wether there is a specific reason not to use regular > expressions via the PCRE lib to match patterns in blacklist files etc. > > Has this been avoided for performance reasons? > > -- Felix Buenemann > > > > ------------------------------ > > Message: 2 > Date: Thu, 16 Oct 2008 12:12:58 -0300 > From: Arthur Girardi <[EMAIL PROTECTED]> > Subject: Re: [spamdyke-users] spamdyke > +ip-in-rdns-keyword-blacklist-entry option > To: [email protected] > Message-ID: <[EMAIL PROTECTED]> > Content-Type: text/plain; charset=ISO-8859-1; DelSp="Yes"; > format="flowed" > > For me it looks as if the message is being blocked because it contains > the country code and ip in the rdns and his setup has > reject-ip-in-cc-rdns enabled. > > In the FAQ it says it will check reject-ip-in-cc-rdns before looking > at the rdns whitelist. I'm not sure if reject-ip-in-cc-rdns would > reject on spot even if it would match in the next filter (rdns > whitelist). > > Arthur > > Citando Sam Clippinger <[EMAIL PROTECTED]>: > > > It looks like you're trying to use keywords in your rDNS whitelist file; > > those files don't work that way. In an rDNS whitelist file, you can > > either give complete rDNS names or you can give partial names (starting > > with a dot) that will match the end of an rDNS name. For example: > > fully.qualified.domain.name.example.com > > Will match only one rDNS name (i.e. the entire name > > "fully.qualified.domain.name.example.com"). > > > > To match all names within a domain (or subdomain): > > .name.example.com > > Will match rDNS names that end with ".name.example.com" (e.g. > > "fully.qualified.domain.name.example.com", > > "silly.domain.name.example.com" or "short.name.example.com"). > > > > This file format is documented here: > > http://www.spamdyke.org/documentation/README_rdns_file_format.html > > > > -- Sam Clippinger > > > > [EMAIL PROTECTED] wrote: > >> Hi list! > >> I run spamdyke 4.0.5 on Debian. > >> > >> I have this in my whitelist_rdns: > >> .static. > >> static. > >> .dedicated. > >> dedicated. > >> > >> But spamdyke reject emails: > >> 10/16/2008 15:03:52 LOG OUTPUT > >> DENIED_IP_IN_CC_RDNS from: [EMAIL PROTECTED] to: [EMAIL PROTECTED] > >> origin_ip: > >> xxx.xxx.xxx.xxx origin_rdns: port-xxx-xxx-xxx-xxx.static.qsc.de auth: > >> (unknown) > >> > >> 10/16/2008 15:03:52 FROM REMOTE TO CHILD: 6 bytes > >> DATA > >> > >> 10/16/2008 15:03:52 FROM SPAMDYKE TO REMOTE: 82 bytes > >> 554 Refused. Your reverse DNS entry contains your IP address and a > >> country code. > >> > >> 10/16/2008 15:03:52 FROM REMOTE TO CHILD: 6 bytes > >> RSET > >> > >> 10/16/2008 15:03:52 FROM SPAMDYKE TO REMOTE: 82 bytes > >> 554 Refused. Your reverse DNS entry contains your IP address and a > >> country code. > >> > >> 10/16/2008 15:03:52 FROM REMOTE TO CHILD: 6 bytes > >> QUIT > >> > >> 10/16/2008 15:03:52 FROM SPAMDYKE TO REMOTE: 82 bytes > >> 221 Refused. Your reverse DNS entry contains your IP address and a > >> country code. > >> > >> 10/16/2008 15:03:52 CLOSED > >> > >> Should > >> .static. > >> not match > >> port-xxx-xxx-xxx-xxx.static.qsc.de > >> normally? > >> > >> Is this the same issue what Erald report or a new problem or did I think > >> in s.th. wrong? > >> > >> Gruss, > >> Peter > >> > > _______________________________________________ > > spamdyke-users mailing list > > [email protected] > > http://www.spamdyke.org/mailman/listinfo/spamdyke-users > > > > > > > ------------------------------ > > Message: 3 > Date: Thu, 16 Oct 2008 17:23:24 +0200 > From: Felix Buenemann <[EMAIL PROTECTED]> > Subject: Re: [spamdyke-users] spamdyke > +ip-in-rdns-keyword-blacklist-entry option > To: [email protected] > Message-ID: <[EMAIL PROTECTED]> > Content-Type: text/plain; charset=ISO-8859-1 > > Am 15.10.2008 15:20 Uhr, Tim Mancour schrieb: > > Sam, > > > > There is a set of POSIX compatible regular expression functions available > in > > "C". The functions regcomp() and regexec() are both used by qmail to > provide > > regexp testing for the control/badxxxxx files. > > I jusrt wrote a similar mail, as I was wondering why NOT to use regexes > in spamdyke, my only idea was that it could hurt performance. > > There is the PCRE library which enable parsing of perl compatible > regular expressions, which have IMHO the cleanest and most widely used > regex syntax. It's also very easy to test those regexes using perl. > > > > > Regards, > > Tim > > -- Felix > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] On Behalf Of Sam Clippinger > > Sent: Wednesday, October 15, 2008 12:57 AM > > To: spamdyke users > > Subject: Re: [spamdyke-users] spamdyke > +ip-in-rdns-keyword-blacklist-entry > > option > > > > The kind of wildcards you're asking for (especially "*.*") would not be > easy > > to implement. However, the code that requires a keyword to be surrounded > by > > non-alphanumeric characters could be easily removed if you want to test > the > > results. In filter.c, just remove the if() block from lines 697 to 706 > (in > > version 4.0.5). Rerun "make" and install the new binary. My instinct > says > > you won't like the new behavior but I could easily be wrong. > > > > In the long run, the best solution is probably to add support for regular > > expressions. They're much more flexible and powerful and the > documentation > > would be much simpler as well, since many tutorials already exist for > > regexps. Several people have asked for regular expression support and > it's > > on my list (though it's not high priority at the moment). > > > > -- Sam Clippinger > > > > Youri V. Kravatsky wrote: > >> Hello Sam, > >> > >> > >>> BTW, spamdyke won't find a keyword like "dyn" in the middle of other > >>> text like "dynamic". In order to match, a keyword must (1) be at the > >>> beginning of the name, (2) be surrounded with non-alphanumeric > >>> characters (i.e. dots or dashes) AND include the rDNS name's TLD (e.g. > >>> "example" would not be found in "11.22.33.44.example.com") or (3) the > >>> keyword must begin with a dot AND match the entire end of the rDNS > >>> name (e.g. ".example.com" would match "11.22.33.44.example.com"). > >>> This logic exists to prevent a keyword like "dynamic" from matching > >>> "11.22.33.44.notdynamic.example.com". > >>> > >> Well, it is not good really, I know that correctly work on wildcards > >> is not easy work in C, unlike, perl, but it would be very good to use > >> file like > >> .*dynamic.* > >> .dynamic*.* > > > >> .broadband*.* > > > >> .*broadband.* > > > >> .*cable.* > > > >> .cable*.* > > > >> .*pppoe.* > > > >> .pppoe*.* > >> Or else we will read log for a full days to find out all possible > >> home-dynamic-cable-broadband providers all over the world... > >> > > > > > ------------------------------ > > Message: 4 > Date: Thu, 16 Oct 2008 12:04:24 -0400 > From: "Tim Mancour" <[EMAIL PROTECTED]> > Subject: Re: [spamdyke-users] spamdyke > +ip-in-rdns-keyword-blacklist-entryoption > To: "'spamdyke users'" <[email protected]> > Message-ID: <[EMAIL PROTECTED]> > Content-Type: text/plain; charset="us-ascii" > > I added a rdns regexp matching to my qmailtoaster a few years ago and I > have > not noticed any performance issues. You do, however, have to make sure that > you keep the number of expressions do to a minimum set (my list of > expressions is currently around 50 lines long). > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Felix Buenemann > Sent: Thursday, October 16, 2008 11:23 AM > To: [email protected] > Subject: Re: [spamdyke-users] spamdyke > +ip-in-rdns-keyword-blacklist-entryoption > > Am 15.10.2008 15:20 Uhr, Tim Mancour schrieb: > > Sam, > > > > There is a set of POSIX compatible regular expression functions > > available in "C". The functions regcomp() and regexec() are both used > > by qmail to provide regexp testing for the control/badxxxxx files. > > I jusrt wrote a similar mail, as I was wondering why NOT to use regexes in > spamdyke, my only idea was that it could hurt performance. > > There is the PCRE library which enable parsing of perl compatible regular > expressions, which have IMHO the cleanest and most widely used regex > syntax. > It's also very easy to test those regexes using perl. > > > > > Regards, > > Tim > > -- Felix > > > -----Original Message----- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] On Behalf Of Sam > > Clippinger > > Sent: Wednesday, October 15, 2008 12:57 AM > > To: spamdyke users > > Subject: Re: [spamdyke-users] spamdyke > > +ip-in-rdns-keyword-blacklist-entry > > option > > > > The kind of wildcards you're asking for (especially "*.*") would not > > be easy to implement. However, the code that requires a keyword to be > > surrounded by non-alphanumeric characters could be easily removed if > > you want to test the results. In filter.c, just remove the if() block > > from lines 697 to 706 (in version 4.0.5). Rerun "make" and install > > the new binary. My instinct says you won't like the new behavior but I > could easily be wrong. > > > > In the long run, the best solution is probably to add support for > > regular expressions. They're much more flexible and powerful and the > > documentation would be much simpler as well, since many tutorials > > already exist for regexps. Several people have asked for regular > > expression support and it's on my list (though it's not high priority at > the moment). > > > > -- Sam Clippinger > > > > Youri V. Kravatsky wrote: > >> Hello Sam, > >> > >> > >>> BTW, spamdyke won't find a keyword like "dyn" in the middle of other > >>> text like "dynamic". In order to match, a keyword must (1) be at > >>> the beginning of the name, (2) be surrounded with non-alphanumeric > >>> characters (i.e. dots or dashes) AND include the rDNS name's TLD (e.g. > >>> "example" would not be found in "11.22.33.44.example.com") or (3) > >>> the keyword must begin with a dot AND match the entire end of the > >>> rDNS name (e.g. ".example.com" would match "11.22.33.44.example.com"). > >>> This logic exists to prevent a keyword like "dynamic" from matching > >>> "11.22.33.44.notdynamic.example.com". > >>> > >> Well, it is not good really, I know that correctly work on wildcards > >> is not easy work in C, unlike, perl, but it would be very good to use > >> file like > >> .*dynamic.* > >> .dynamic*.* > > > >> .broadband*.* > > > >> .*broadband.* > > > >> .*cable.* > > > >> .cable*.* > > > >> .*pppoe.* > > > >> .pppoe*.* > >> Or else we will read log for a full days to find out all possible > >> home-dynamic-cable-broadband providers all over the world... > >> > > > _______________________________________________ > spamdyke-users mailing list > [email protected] > http://www.spamdyke.org/mailman/listinfo/spamdyke-users > > > > ------------------------------ > > _______________________________________________ > spamdyke-users mailing list > [email protected] > http://www.spamdyke.org/mailman/listinfo/spamdyke-users > > > End of spamdyke-users Digest, Vol 17, Issue 37 > ********************************************** >
_______________________________________________ spamdyke-users mailing list [email protected] http://www.spamdyke.org/mailman/listinfo/spamdyke-users
