On Thu, 17 Mar 2011, Matus UHLAR - fantomas wrote:
On 14.03.11 13:41, Markus Reschke wrote:
Currently I'm writing a small SA plugin for checking if IP addresses of
relaying MTAs (in the Received: lines) are within a list of defined CIDR
blocks. Most admins filter specific CIDR blocks, e.g. from known SPAMming
ISPs, at the MTA level. That way all emails from the given CIDR blocks
are
rejected. But some users like to get those emails too. There could be an
important email or one from a potential customer - whatever. My SA plugin
can solve that problem by adding a SPAM score to matching emails. The
email may be flagged as SPAM but it's received.
running RBLDNS and defining simple blacklist check would do the same.
Additionally the RBLDNS can be dynamically updated w/o requiring a
restart/rebuild of SA rules base. Depending upon which RBLDNSd you're
running it may be more flexible. The "mjt" rbldnsd takes CIDR notation
but also allows address ranges (EG 10.10.10.3-10.10.10.99) as well
as nested ranges.
I run two different local RBLDNSDs, one for IP addrs & one for
hostname/RLS.
--
Dave Funk University of Iowa
<dbfunk (at) engineering.uiowa.edu> College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/Postmaster/cell_admin Iowa City, IA 52242-1527
#include <std_disclaimer.h>
Better is not better, 'standard' is better. B{
