Hi, For some time now I've been cycling URLs and IPs through a mariadb database gathered from incoming mail on a honeypot I've created. Surprising how many are received ahead of spamhaus/barracuda.
I'm looking for ideas on how to now make this information available to spamassassin on my production system. I'd like to somehow export the IPs, any URLs in the body, and email addresses to spamassassin. Is it possible for spamassassin to query a database directly? I'm familiar with how to create a uridnsbl, but is DNS the best approach here? The info needs to be updated and reloaded rapidly, and not all the info (URLs, emails) are conducive to being in DNS. Is anyone else doing this, and are you just rejecting the IPs at the SMTP level outright? Thanks, Alex
