Thanks so much, that was a wonderful response, you got me going, there is some hope ;). Let me answer some of the questions you posed.

>Does someone know how Mass Mailers and Spiders can be blocked via
>squid from functioning?

Mass mailers generally use SMTP over port 25, which Squid has nothing
to do with. Spiders, on the other hand, do use HTTP, and Squid can
be part of the solution there.

In this case I have blocked port 25 on my NAT, that should take care of that.


>I actually tried using HTB to restrict its bandwidth but it seemed not to
>have any effect

However, more information would improve the quality of your answer.
Who is using the spider? What is it being used to do? Do you know
what program it is?

Clients that come to use the systems in the cafe do so. It's used to do mass telemarketing in the form of scam mails. I've got samples of the programs. It's hard to monitor them, because they've devised ways of placing the files in their mailboxes and downloading it, ever since I removed floppy drives and blocked download of exe files and any other extension they try to use. Actually, for some months now I have been working with SpamAssassin developers, with some help from Henrik, on how to achieve webmail filtering, so that outgoing spam mails can be flagged by SA. It involves interfacing Squid with SpamAssassin through ICAP. I still have some bugs, but I'm on it as best I can, since it will be an effective solution to eliminate scam mails from the outgoing gateway server, so at both ends it's filtered.


Right now though, I am trying to find a temp solution while I try to fix the bugs.


The advanced routing queues can only restrict by IP Address and port
(and by packet flags), and are too blunt a tool to use in this case.
You need something (like Squid) that can read the traffic at the
application level.

Your best bet would be to find some unique characteristic of the
spider (such as the User Agent string) and setup a delay pool to
slow it way down. You indicated you tried this before and it didn't
work - what was your setup like?

What would be the syntax in order to do so by the User-Agent string, using delay pools? This is what I haven't tried and it sounds like the perfect solution. What I had simply tried before was to use delay pools to restrict each computer to 5kb/s browsing speed, but usually the programs seem to be able to eat up more than their share. I just couldn't figure out how it was being done. That's when I tried HTB, but no luck either.



Outright blocking it will draw you into a cat and mouse game with
the spider's user - he/she will try to work around your blocking,
and you'll have to keep working to continue to block the user. Simply
slowing it way down may make the user think it's a connection problem
or a problem with the spider.

This is very true, and a more subtle approach, I agree completely.


Hopefully you have a good acceptable use policy and can use it to
boot the user off your network - that will be the only sure solution.

Here lies the problem: it's hard to enforce the policy, but I thought this method will completely discourage it. Moreover, once the SQiSA code (Squid-iCAP-SpamAssassin, pronounced squizsa) is finished I would just relax and deal 'em my own back.



Thanks Adam,
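
The delay-pool-by-User-Agent setup discussed in this message, as an added example that is not part of the original thread. The pattern `ExampleSpider` and the `192.168.1.0/24` range are placeholders, and the rates are illustrative.

```conf
# squid.conf fragment (added example, not from the original message).
# Delay pools are available only when Squid is built with --enable-delay-pools.

# Match the spider by its User-Agent header (case-insensitive regex).
# "ExampleSpider" is a placeholder: substitute the string the program
# actually sends.
acl spider_ua browser -i ExampleSpider

# Cafe workstations; constructed example range.
acl cafe_lan src 192.168.1.0/24

delay_pools 2

# Pool 1: class 1 = a single aggregate bucket shared by every matching request.
# Values are restore/max in bytes: refill 1000 bytes per second, and the
# bucket never holds more than 1000 bytes, so no burst is possible.
delay_class 1 1
delay_parameters 1 1000/1000
delay_access 1 allow spider_ua
delay_access 1 deny all

# Pool 2: class 2 = an aggregate bucket plus one bucket per client host.
# -1/-1 leaves the aggregate unlimited; each host is held to 5000 bytes/s.
delay_class 2 2
delay_parameters 2 -1/-1 5000/5000
delay_access 2 allow cafe_lan
delay_access 2 deny all

# A request goes into the first pool whose delay_access rules allow it, so
# spider traffic lands in pool 1 and all other cafe traffic in pool 2.
```

The User-Agent header is set by the client, so a program that changes its string falls through to the per-host limit in pool 2. Delay pools only throttle traffic that actually passes through Squid.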

