Apologies in advance for what is undoubtedly going to turn out to be a "D'oh!" error on my part, but I'm running out of ideas here.
I'm trying to block incoming mail from French snowshoe spammer "multi-fax.fr", who sends mail from a range of IP addresses and changes domain names every day to try to avoid detection. In my IP blacklist file at '/home/vpopmail/spamdyke/ip-blacklist', I have entries: 195.43.150.170 195.43.150.171 194.43.150.172 and so forth. The file contains just 40 lines (so I'm not hitting any upper limits on file size). My spamdyke configuration file at '/etc/spamdyke.conf' contains the line: ip-blacklist-file=/home/vpopmail/spamdyke/ip-blacklist The configuration file does not contain any other 'ip-blacklist-file=' entries, and 'ip-blacklist-entry' is commented out. Spamdyke itself is being invoked with: /usr/local/bin/spamdyke -f /etc/spamdyke.conf … and I know that the correct config file is being read, because it's creating its graylists at the appropriate place. Graylisting and blacklisting work splendidly, by the way. However, the French are still getting through. Here's a 'Received' line from a message: Received: from mx.lirmat.net (195.43.150.172) by mail.mydomain.com with SMTP; 12 Jan 2012 03:15:02 -0500 and here's what the logs have to say about it: /var/log/maillog:Jan 12 03:15:02 s1 spamdyke[16941]: ALLOWED from: [email protected] to: [email protected] origin_ip: 195.43.150.172 origin_rdns: mx.lirmat.net auth: (unknown) encryption: (none) I was running Spamdyke 4.1.0, I've just upgraded to Spamdyke 4.2.1. Can anyone think of a reason why IP blacklisting might not be working? Thanks for any help or suggestions, Angus _______________________________________________ spamdyke-users mailing list [email protected] http://www.spamdyke.org/mailman/listinfo/spamdyke-users
