On Sun, 14 Feb 2016, Allen Chen wrote:
On 2/12/2016 8:48 AM, Axb wrote:
On 02/12/2016 02:39 PM, Alex wrote:
> For some time now I've been cycling URLs and IPs through a mariadb
> database gathered from incoming mail on a honeypot I've created.
> Surprising how many are received ahead of spamhaus/barracuda.
>
> I'm looking for ideas on how to now make this information available to
> spamassassin on my production system. I'd like to somehow export the
> IPs, any URLs in the body, and email addresses to spamassassin.
>
> Is it possible for spamassassin to query a database directly?
Did you try iptables to block/allow IPs?
If you're getting that much abuse from specific IPs and you're sure that
it's all spam, then set up a TCP tarpit.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhar...@impsec.org FALaholic #11174 pgpk -a jhar...@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
Ignorance is no excuse for a law.
-----------------------------------------------------------------------
8 days until George Washington's 284th Birthday