Re: [exim] Using GeoIP to block spammers - anyone?

Top Page
Delete this message
Reply to this message
Author: Chris Lightfoot
Date:  
To: Odhiambo G. Washington, exim-users
Subject: Re: [exim] Using GeoIP to block spammers - anyone?
On Thu, Jun 22, 2006 at 08:37:01PM +0300, Odhiambo G. Washington wrote:
> Hello pple,
>
> I have have a server which is where all deliveries are done. This server
> is not advertised "anymore" in DNS, but spammers are still sending to
> it in defiance of my TTL from DNS configuration.
> I know that most of my clients who use this server are located within
> my country (damn Kenya!).
>
> I now want to block all connections to this server which originate
> outside my country.
>
> I have hit google hard and found two projects that were geared towards
> introducing the complexities (yes) of using GeoIP within Exim.
>
> http://botanicus.net/dw/exim-python/exim-4.60py1.html
> http://pookey.co.uk/exim-geoip.xml
>
> One seems recent enough, but both seem like they are un-maintained.
> I am running Exim 4.62 on all my servers.
>
> Is there anyone out there using another variant of GeoIP blocking with
> Exim that they'd be willing to share with the community (me ;))?


this strikes me as a really bad idea, but as with many
really bad ideas, it's trivial to implement in perl. grab
the Geo::IP perl module, and then put

    use Geo::IP;


    sub get_country_code_from_ip ($) {
        my $ip = shift;
        our $geoip;
        $geoip ||= new Geo::IP(GEOIP_STANDARD);
        return $geoip->country_code_by_addr($ip);
    }


in your startup perl module, then use,

    ${perl{get_country_code_from_ip}{$host_address}}


to obtain the country code in a string expansion.

--
``Computer-simulators, used to stage mock failures in the flight trainer,
weren't working. This was a triumph of accurate simulation, but otherwise
not amusing.'' (Gregg Easterbrook, on space shuttle development)