As an answer to this: "Is it possible to just put a whitelist for example.com <http://example.com> and deny all others matching this keyword."
Sure. I would just whitelist 66.49.15.190 and blacklist .nuvox.net <http://nuvox.net>. Don't know wich one catches first. I would try. Regards, David <http://66.49.15.190> David Stiller schrieb: > Hi Linto, > > the per-domain basis you can create by using the config-dir option, > wich is well documented in the documentation: > > http://www.spamdyke.org/documentation/README.html#CONFIGURATION_DIR > > Nearly any combination of sender and recipient can be configured > with this option. This way i configure black- and whitelists for > my customers. > > My structure looks like the following. > > In /etc/spamdyke.conf i set: > config-dir=/var/qmail/spamdyke/domain_setups > > The directories contain: > > domain_setups/ > `-- _recipient_ > |-- tld > | `-- firstdomain (file) > `-- tld2 > `-- seconddomain (file) > > > domain_configs/ > |-- firstdomain.tld > | |-- customer_blacklist_ip > | |-- customer_blacklist_rdns > | |-- customer_whitelist_ip > | `-- customer_whitelist_rdns > `-- seconddomain.tld2 > |-- customer_blacklist_ip > |-- customer_blacklist_rdns > |-- customer_whitelist_ip > `-- customer_whitelist_rdns > > In the file "firstdomain" you can setup the configuration > for the domain and also the IP_IN_RDNS_KEYWORDS of course. > > In my case these are: > > ip-blacklist-file=/var/qmail/spamdyke/domain_configs/firstdomain.tld/customer_blacklist_ip > rdns-blacklist-file=/var/qmail/spamdyke/domain_configs/firstdomain.tld/customer_blacklist_rdns > ip-whitelist-file=/var/qmail/spamdyke/domain_configs/firstdomain.tld/customer_whitelist_ip > rdns-whitelist-file=/var/qmail/spamdyke/domain_configs/firstdomain.tld/customer_whitelist_rdns > sender-blacklist-file=/var/qmail/spamdyke/domain_configs/firstdomain.tld/customer_blacklist_sender > > I hope this helps! ;) > > David > > > Linto Paul schrieb: >> Greetings, >> >> Could please let me know if there is a way to whitelist a domain on >> the IP_IN_RDNS_KEYWORDS on a per domain basis. >> >> Say we get user complaining about a domain called example.com >> <http://example.com>, and they say, I am the owner of example.com >> <http://example.com> and want this feature not used onto our domain >> even though you host it for us. >> >> ~~~~~~~~~~~~~~~ >> Oct 21 11:46:44 mail01 spamdyke[24348]: DENIED_IP_IN_RDNS from: >> [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> to: >> [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> origin_ip: 66.49.15.190 >> <http://66.49.15.190> origin_rdns: 66.49.15.190.nw.nuvox.net >> <http://66.49.15.190.nw.nuvox.net> auth: (unknown) >> ~~~~~~~~~~~~~~~~~~~~ >> >> We have the RDNS blocked in our server via keyword:- >> >> .nuvox.net <http://nuvox.net> >> >> Is it possible to just put a whitelist for example.com >> <http://example.com> and deny all others matching this keyword. >> >> Thanks, >> Linto Paul >> >> >> On Thu, Oct 16, 2008 at 10:30 PM, >> <[EMAIL PROTECTED] >> <mailto:[EMAIL PROTECTED]>> wrote: >> >> Send spamdyke-users mailing list submissions to >> spamdyke-users@spamdyke.org >> <mailto:spamdyke-users@spamdyke.org> >> >> To subscribe or unsubscribe via the World Wide Web, visit >> http://www.spamdyke.org/mailman/listinfo/spamdyke-users >> or, via email, send a message with subject or body 'help' to >> [EMAIL PROTECTED] >> <mailto:[EMAIL PROTECTED]> >> >> You can reach the person managing the list at >> [EMAIL PROTECTED] >> <mailto:[EMAIL PROTECTED]> >> >> When replying, please edit your Subject line so it is more specific >> than "Re: Contents of spamdyke-users digest..." >> >> >> Today's Topics: >> >> 1. Regular-Expression Support (Felix Buenemann) >> 2. Re: spamdyke +ip-in-rdns-keyword-blacklist-entry option >> (Arthur Girardi) >> 3. Re: spamdyke +ip-in-rdns-keyword-blacklist-entry option >> (Felix Buenemann) >> 4. Re: spamdyke +ip-in-rdns-keyword-blacklist-entryoption >> (Tim Mancour) >> >> >> ---------------------------------------------------------------------- >> >> Message: 1 >> Date: Thu, 16 Oct 2008 17:07:56 +0200 >> From: Felix Buenemann <[EMAIL PROTECTED] >> <mailto:[EMAIL PROTECTED]>> >> Subject: [spamdyke-users] Regular-Expression Support >> To: spamdyke-users@spamdyke.org <mailto:spamdyke-users@spamdyke.org> >> Message-ID: <[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>> >> Content-Type: text/plain; charset=ISO-8859-15 >> >> Hi Sam, >> >> I wonder wether there is a specific reason not to use regular >> expressions via the PCRE lib to match patterns in blacklist files >> etc. >> >> Has this been avoided for performance reasons? >> >> -- Felix Buenemann >> >> >> >> ------------------------------ >> >> Message: 2 >> Date: Thu, 16 Oct 2008 12:12:58 -0300 >> From: Arthur Girardi <[EMAIL PROTECTED] >> <mailto:[EMAIL PROTECTED]>> >> Subject: Re: [spamdyke-users] spamdyke >> +ip-in-rdns-keyword-blacklist-entry option >> To: spamdyke-users@spamdyke.org <mailto:spamdyke-users@spamdyke.org> >> Message-ID: >> <[EMAIL PROTECTED] >> <mailto:[EMAIL PROTECTED]>> >> Content-Type: text/plain; charset=ISO-8859-1; DelSp="Yes"; >> format="flowed" >> >> For me it looks as if the message is being blocked because it >> contains >> the country code and ip in the rdns and his setup has >> reject-ip-in-cc-rdns enabled. >> >> In the FAQ it says it will check reject-ip-in-cc-rdns before looking >> at the rdns whitelist. I'm not sure if reject-ip-in-cc-rdns would >> reject on spot even if it would match in the next filter (rdns >> whitelist). >> >> Arthur >> >> Citando Sam Clippinger <[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>>: >> >> > It looks like you're trying to use keywords in your rDNS >> whitelist file; >> > those files don't work that way. In an rDNS whitelist file, you can >> > either give complete rDNS names or you can give partial names >> (starting >> > with a dot) that will match the end of an rDNS name. For example: >> > fully.qualified.domain.name.example.com >> <http://fully.qualified.domain.name.example.com> >> > Will match only one rDNS name (i.e. the entire name >> > "fully.qualified.domain.name.example.com >> <http://fully.qualified.domain.name.example.com>"). >> > >> > To match all names within a domain (or subdomain): >> > .name.example.com <http://name.example.com> >> > Will match rDNS names that end with ".name.example.com >> <http://name.example.com>" (e.g. >> > "fully.qualified.domain.name.example.com >> <http://fully.qualified.domain.name.example.com>", >> > "silly.domain.name.example.com >> <http://silly.domain.name.example.com>" or >> "short.name.example.com <http://short.name.example.com>"). >> > >> > This file format is documented here: >> > http://www.spamdyke.org/documentation/README_rdns_file_format.html >> > >> > -- Sam Clippinger >> > >> > [EMAIL PROTECTED] wrote: >> >> Hi list! >> >> I run spamdyke 4.0.5 on Debian. >> >> >> >> I have this in my whitelist_rdns: >> >> .static. >> >> static. >> >> .dedicated. >> >> dedicated. >> >> >> >> But spamdyke reject emails: >> >> 10/16/2008 15:03:52 LOG OUTPUT >> >> DENIED_IP_IN_CC_RDNS from: [EMAIL PROTECTED] <mailto:[EMAIL >> PROTECTED]> to: >> [EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]> origin_ip: >> >> xxx.xxx.xxx.xxx origin_rdns: >> port-xxx-xxx-xxx-xxx.static.qsc.de >> <http://port-xxx-xxx-xxx-xxx.static.qsc.de> auth: >> >> (unknown) >> >> >> >> 10/16/2008 15:03:52 FROM REMOTE TO CHILD: 6 bytes >> >> DATA >> >> >> >> 10/16/2008 15:03:52 FROM SPAMDYKE TO REMOTE: 82 bytes >> >> 554 Refused. Your reverse DNS entry contains your IP address and a >> >> country code. >> >> >> >> 10/16/2008 15:03:52 FROM REMOTE TO CHILD: 6 bytes >> >> RSET >> >> >> >> 10/16/2008 15:03:52 FROM SPAMDYKE TO REMOTE: 82 bytes >> >> 554 Refused. Your reverse DNS entry contains your IP address and a >> >> country code. >> >> >> >> 10/16/2008 15:03:52 FROM REMOTE TO CHILD: 6 bytes >> >> QUIT >> >> >> >> 10/16/2008 15:03:52 FROM SPAMDYKE TO REMOTE: 82 bytes >> >> 221 Refused. Your reverse DNS entry contains your IP address and a >> >> country code. >> >> >> >> 10/16/2008 15:03:52 CLOSED >> >> >> >> Should >> >> .static. >> >> not match >> >> port-xxx-xxx-xxx-xxx.static.qsc.de >> <http://port-xxx-xxx-xxx-xxx.static.qsc.de> >> >> normally? >> >> >> >> Is this the same issue what Erald report or a new problem or >> did I think >> >> in s.th <http://s.th>. wrong? >> >> >> >> Gruss, >> >> Peter >> >> >> > _______________________________________________ >> > spamdyke-users mailing list >> > spamdyke-users@spamdyke.org <mailto:spamdyke-users@spamdyke.org> >> > http://www.spamdyke.org/mailman/listinfo/spamdyke-users >> > >> >> >> >> >> ------------------------------ >> >> Message: 3 >> Date: Thu, 16 Oct 2008 17:23:24 +0200 >> From: Felix Buenemann <[EMAIL PROTECTED] >> <mailto:[EMAIL PROTECTED]>> >> Subject: Re: [spamdyke-users] spamdyke >> +ip-in-rdns-keyword-blacklist-entry option >> To: spamdyke-users@spamdyke.org <mailto:spamdyke-users@spamdyke.org> >> Message-ID: <[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>> >> Content-Type: text/plain; charset=ISO-8859-1 >> >> Am 15.10.2008 15:20 Uhr, Tim Mancour schrieb: >> > Sam, >> > >> > There is a set of POSIX compatible regular expression functions >> available in >> > "C". The functions regcomp() and regexec() are both used by >> qmail to provide >> > regexp testing for the control/badxxxxx files. >> >> I jusrt wrote a similar mail, as I was wondering why NOT to use >> regexes >> in spamdyke, my only idea was that it could hurt performance. >> >> There is the PCRE library which enable parsing of perl compatible >> regular expressions, which have IMHO the cleanest and most widely >> used >> regex syntax. It's also very easy to test those regexes using perl. >> >> > >> > Regards, >> > Tim >> >> -- Felix >> >> > -----Original Message----- >> > From: [EMAIL PROTECTED] >> <mailto:[EMAIL PROTECTED]> >> > [mailto:[EMAIL PROTECTED] >> <mailto:[EMAIL PROTECTED]>] On Behalf Of Sam >> Clippinger >> > Sent: Wednesday, October 15, 2008 12:57 AM >> > To: spamdyke users >> > Subject: Re: [spamdyke-users] spamdyke >> +ip-in-rdns-keyword-blacklist-entry >> > option >> > >> > The kind of wildcards you're asking for (especially "*.*") >> would not be easy >> > to implement. However, the code that requires a keyword to be >> surrounded by >> > non-alphanumeric characters could be easily removed if you want >> to test the >> > results. In filter.c, just remove the if() block from lines >> 697 to 706 (in >> > version 4.0.5). Rerun "make" and install the new binary. My >> instinct says >> > you won't like the new behavior but I could easily be wrong. >> > >> > In the long run, the best solution is probably to add support >> for regular >> > expressions. They're much more flexible and powerful and the >> documentation >> > would be much simpler as well, since many tutorials already >> exist for >> > regexps. Several people have asked for regular expression >> support and it's >> > on my list (though it's not high priority at the moment). >> > >> > -- Sam Clippinger >> > >> > Youri V. Kravatsky wrote: >> >> Hello Sam, >> >> >> >> >> >>> BTW, spamdyke won't find a keyword like "dyn" in the middle >> of other >> >>> text like "dynamic". In order to match, a keyword must (1) >> be at the >> >>> beginning of the name, (2) be surrounded with non-alphanumeric >> >>> characters (i.e. dots or dashes) AND include the rDNS name's >> TLD (e.g. >> >>> "example" would not be found in "11.22.33.44.example.com >> <http://11.22.33.44.example.com>") or (3) the >> >>> keyword must begin with a dot AND match the entire end of the >> rDNS >> >>> name (e.g. ".example.com <http://example.com>" would match >> "11.22.33.44.example.com <http://11.22.33.44.example.com>"). >> >>> This logic exists to prevent a keyword like "dynamic" from >> matching >> >>> "11.22.33.44.notdynamic.example.com >> <http://11.22.33.44.notdynamic.example.com>". >> >>> >> >> Well, it is not good really, I know that correctly work on >> wildcards >> >> is not easy work in C, unlike, perl, but it would be very good >> to use >> >> file like >> >> .*dynamic.* >> >> .dynamic*.* >> > >> >> .broadband*.* >> > >> >> .*broadband.* >> > >> >> .*cable.* >> > >> >> .cable*.* >> > >> >> .*pppoe.* >> > >> >> .pppoe*.* >> >> Or else we will read log for a full days to find out all >> possible >> >> home-dynamic-cable-broadband providers all over the world... >> >> >> >> >> >> >> ------------------------------ >> >> Message: 4 >> Date: Thu, 16 Oct 2008 12:04:24 -0400 >> From: "Tim Mancour" <[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>> >> Subject: Re: [spamdyke-users] spamdyke >> +ip-in-rdns-keyword-blacklist-entryoption >> To: "'spamdyke users'" <spamdyke-users@spamdyke.org >> <mailto:spamdyke-users@spamdyke.org>> >> Message-ID: <[EMAIL PROTECTED]> >> Content-Type: text/plain; charset="us-ascii" >> >> I added a rdns regexp matching to my qmailtoaster a few years ago >> and I have >> not noticed any performance issues. You do, however, have to make >> sure that >> you keep the number of expressions do to a minimum set (my list of >> expressions is currently around 50 lines long). >> >> -----Original Message----- >> From: [EMAIL PROTECTED] >> <mailto:[EMAIL PROTECTED]> >> [mailto:[EMAIL PROTECTED] >> <mailto:[EMAIL PROTECTED]>] On Behalf Of Felix >> Buenemann >> Sent: Thursday, October 16, 2008 11:23 AM >> To: spamdyke-users@spamdyke.org <mailto:spamdyke-users@spamdyke.org> >> Subject: Re: [spamdyke-users] spamdyke >> +ip-in-rdns-keyword-blacklist-entryoption >> >> Am 15.10.2008 15:20 Uhr, Tim Mancour schrieb: >> > Sam, >> > >> > There is a set of POSIX compatible regular expression functions >> > available in "C". The functions regcomp() and regexec() are >> both used >> > by qmail to provide regexp testing for the control/badxxxxx files. >> >> I jusrt wrote a similar mail, as I was wondering why NOT to use >> regexes in >> spamdyke, my only idea was that it could hurt performance. >> >> There is the PCRE library which enable parsing of perl compatible >> regular >> expressions, which have IMHO the cleanest and most widely used >> regex syntax. >> It's also very easy to test those regexes using perl. >> >> > >> > Regards, >> > Tim >> >> -- Felix >> >> > -----Original Message----- >> > From: [EMAIL PROTECTED] >> <mailto:[EMAIL PROTECTED]> >> > [mailto:[EMAIL PROTECTED] >> <mailto:[EMAIL PROTECTED]>] On Behalf Of Sam >> > Clippinger >> > Sent: Wednesday, October 15, 2008 12:57 AM >> > To: spamdyke users >> > Subject: Re: [spamdyke-users] spamdyke >> > +ip-in-rdns-keyword-blacklist-entry >> > option >> > >> > The kind of wildcards you're asking for (especially "*.*") >> would not >> > be easy to implement. However, the code that requires a >> keyword to be >> > surrounded by non-alphanumeric characters could be easily >> removed if >> > you want to test the results. In filter.c, just remove the >> if() block >> > from lines 697 to 706 (in version 4.0.5). Rerun "make" and install >> > the new binary. My instinct says you won't like the new >> behavior but I >> could easily be wrong. >> > >> > In the long run, the best solution is probably to add support for >> > regular expressions. They're much more flexible and powerful >> and the >> > documentation would be much simpler as well, since many tutorials >> > already exist for regexps. Several people have asked for regular >> > expression support and it's on my list (though it's not high >> priority at >> the moment). >> > >> > -- Sam Clippinger >> > >> > Youri V. Kravatsky wrote: >> >> Hello Sam, >> >> >> >> >> >>> BTW, spamdyke won't find a keyword like "dyn" in the middle >> of other >> >>> text like "dynamic". In order to match, a keyword must (1) be at >> >>> the beginning of the name, (2) be surrounded with >> non-alphanumeric >> >>> characters (i.e. dots or dashes) AND include the rDNS name's >> TLD (e.g. >> >>> "example" would not be found in "11.22.33.44.example.com >> <http://11.22.33.44.example.com>") or (3) >> >>> the keyword must begin with a dot AND match the entire end of the >> >>> rDNS name (e.g. ".example.com <http://example.com>" would >> match "11.22.33.44.example.com <http://11.22.33.44.example.com>"). >> >>> This logic exists to prevent a keyword like "dynamic" from >> matching >> >>> "11.22.33.44.notdynamic.example.com >> <http://11.22.33.44.notdynamic.example.com>". >> >>> >> >> Well, it is not good really, I know that correctly work on >> wildcards >> >> is not easy work in C, unlike, perl, but it would be very good >> to use >> >> file like >> >> .*dynamic.* >> >> .dynamic*.* >> > >> >> .broadband*.* >> > >> >> .*broadband.* >> > >> >> .*cable.* >> > >> >> .cable*.* >> > >> >> .*pppoe.* >> > >> >> .pppoe*.* >> >> Or else we will read log for a full days to find out all >> possible >> >> home-dynamic-cable-broadband providers all over the world... >> >> >> >> >> _______________________________________________ >> spamdyke-users mailing list >> spamdyke-users@spamdyke.org <mailto:spamdyke-users@spamdyke.org> >> http://www.spamdyke.org/mailman/listinfo/spamdyke-users >> >> >> >> ------------------------------ >> >> _______________________________________________ >> spamdyke-users mailing list >> spamdyke-users@spamdyke.org <mailto:spamdyke-users@spamdyke.org> >> http://www.spamdyke.org/mailman/listinfo/spamdyke-users >> >> >> End of spamdyke-users Digest, Vol 17, Issue 37 >> ********************************************** >> >> >> ------------------------------------------------------------------------ >> >> _______________________________________________ >> spamdyke-users mailing list >> spamdyke-users@spamdyke.org >> http://www.spamdyke.org/mailman/listinfo/spamdyke-users >> > > > -- > BLACKBIT neue Medien GmbH | BLACKBIT neue Werbung GmbH > Technischer Support/ Hotline > Ernst-Ruhstrat-Straße 6 - D-37079 Göttingen > > Geschäftsführer: Stefano Viani > Registergericht: Amtsgericht Göttingen, HRB 3222 > Umsatzsteueridentifikationsnummer (§ 27a UstG): DE 813 114 917 > > Tel: +49-551-50675-50 - Fax: +49-551-50675-20 > E-Mail: [EMAIL PROTECTED] > > Klassische Werbung und Online-Marketing: http://www.blackbit.de > Software fuer Online-Marketing: http://www.go-community.de > ------------------------------------------------------------------------ > > _______________________________________________ > spamdyke-users mailing list > spamdyke-users@spamdyke.org > http://www.spamdyke.org/mailman/listinfo/spamdyke-users > -- BLACKBIT neue Medien GmbH | BLACKBIT neue Werbung GmbH Technischer Support/ Hotline Ernst-Ruhstrat-Straße 6 - D-37079 Göttingen Geschäftsführer: Stefano Viani Registergericht: Amtsgericht Göttingen, HRB 3222 Umsatzsteueridentifikationsnummer (§ 27a UstG): DE 813 114 917 Tel: +49-551-50675-50 - Fax: +49-551-50675-20 E-Mail: [EMAIL PROTECTED] Klassische Werbung und Online-Marketing: http://www.blackbit.de Software fuer Online-Marketing: http://www.go-community.de _______________________________________________ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users