Re: [exim] Automatic black list

Top Page
This message is part of the following thread:
M\the complete thread tree sorted by date
MMKeith Martin at <-
MRichard Clayton at ->
Delete this message
Reply to this message
Author: David Saez Padros
Date:  
To: Keith Martin
CC: exim-users
Subject: Re: [exim] Automatic black list
Hi !!

> Does anyone have any suggestions as to how to go about this? There may be a
> solution out there that already does this, I just can't seem to find one...

i'm doing something similar for viruses, i just use 

logwrite       = :panic: OLS_BLACKLIST $sender_host_address


on every acl deny that detects virus patterns (some bad helo's,
dnslists, dictionary attacks, real virus detected, etc ...), then i
have a script that every 5 minutes scans the paniclog for OLS_BLACKLIST,
adds ip's to a mysql database (for easy expiration and administrarion)
and then builds a cdb blacklist database.

--
Best regards ... 

----------------------------------------------------------------
    David Saez Padros                http://www.ols.es
    On-Line Services 2000 S.L.       e-mail  david@???
    Pintor Vayreda 1                 telf    +34 902 50 29 75
    08184 Palau-Solita i Plegamans   movil   +34 670 35 27 53
----------------------------------------------------------------





This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] 551 User not local; please try <forward-path>[exim] Possible Eximon bug?->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)