Hi !!
> Does anyone have any suggestions as to how to go about this? There may be a
> solution out there that already does this, I just can't seem to find one...
i'm doing something similar for viruses, i just use
logwrite = :panic: OLS_BLACKLIST $sender_host_address
on every acl deny that detects virus patterns (some bad helo's,
dnslists, dictionary attacks, real virus detected, etc ...), then i
have a script that every 5 minutes scans the paniclog for OLS_BLACKLIST,
adds ip's to a mysql database (for easy expiration and administrarion)
and then builds a cdb blacklist database.
--
Best regards ...
----------------------------------------------------------------
David Saez Padros http://www.ols.es
On-Line Services 2000 S.L. e-mail david@???
Pintor Vayreda 1 telf +34 902 50 29 75
08184 Palau-Solita i Plegamans movil +34 670 35 27 53
----------------------------------------------------------------
