On 10/15/2016 04:13 PM, Petr Bena wrote:
I already do that I use DNSBL but they have too small expiry time, if
they blacklist someone, in two days they are free to spam again. If it
worked and I didn't keep getting spammed by same IP's and same senders
all time I wouldn't have to hardcode them into my configuration, which
is indeed pretty annoying.
Are you aware that you can run your own "DNSBL" locally?
With one simple piece of software you can run IP/domain/hash black,
white, and even purple lists, for FREE
You don't have to be tied to third party lists only.
Google for rbldnsd - there's lots of info on how to setup and all you
can do with it.
On 10/15/16 15:43, Axb wrote:
On 10/15/2016 01:45 PM, Petr Bena wrote:
I would like to implement some sort of semi-automated or dynamic sender
black listing. Basically what I would like to accomplish is to have a
dynamic blacklist (not something hardcoded in config files, but rather
some sort of a database, possibly SQL based) so that I could relatively
easily add senders domains to this list.
Another thing I would like to do with this is to create a special folder
in my mailbox and create a cron task that would automatically get all
senders of emails in this folder and add it into that dynamic blacklist.
So that if I moved someone's e-mail to this specific folder in my
mailbox, their whole domain would be blacklisted in my antispam (at some
point I could probably just use current Junk folder for this purpose).
I am aware of DNSBL and I already use it, but it's not efficient enough,
I am receiving tons of spam from certain domains and IP's, which are
always same, and even if I have a cron task that automatically learn
everything from my Junk folder as spam, spamassasin pass more than 90%
of these senders in future, even if they keep using same domains and IPs
to send spam. I used to add these to config file like this:
What I would like to do is something like
Or something like that so that it would connect to localhost postgres
and checked mail sender against table blacklist in db sa or anything
similar like this.
Isn't there already some sort of a plugin that is capable of this?
Basically if there was something that would allow me to create this
dynamic blacklist (eg. let me create some mysql / postgres table that
would be used as blacklist by spamassasin) I could implement the rest
if you want to block snowshoe, chase their ranges and use IP/domain
lists to block at smtp level (rbldnsd).
blocking senders via SA is probably the most inneficient way to do it.