[exim] Host Karma Database - white/yellow/black lists - look…

Αρχική Σελίδα
Delete this message
Reply to this message
Συντάκτης: Marc Perkel
Ημερομηνία:  
Προς: exim-users
Αντικείμενο: [exim] Host Karma Database - white/yellow/black lists - looking for data
I'm still improving my list logic and I think I have it now. I'm
providing black,yellow,white listings of IP address free for all to use.
And - I'm looking for people who can help feed data into the system to
make it more comprehensive and accurate.

First - for those who want to use it I have a dns list at
hostkarma.junkemailfilter.com. If you do a lookup it will return one of
3 values.

127.0.0.1 = whitelisted
127.0.0.2 = blacklisted
127.0.0.3 = yellowlisted - this means the host sends some good email

Here's how you might use the lists:

# Mark it White 
warn dnslists = hostkarma.junkemailfilter.com=127.0.0.1
     set acl_c1 = white - dnswl - $sender_fullhost
# Mark it Yellow 
warn dnslists = hostkarma.junkemailfilter.com=127.0.0.3
     set acl_c1 = yellow - $sender_fullhost


# Using the Black List
deny dnslists = hostkarma.junkemailfilter.com=127.0.0.2

# Other Blacklists
deny !dnslists = hostkarma.junkemailfilter.com=127.0.0.1,127.0.0.3
     dnslists = sbl-xbl.spamhaus.org/<;$sender_host_address;$sender_address_domain :\
     nomail.rhsbl.sorbs.net/$sender_address_domain : cbl.abuseat.org :\ 
     list.dsbl.org : web.dnsbl.sorbs.net : socks.dnsbl.sorbs.net :\
     http.dnsbl.sorbs.net


I have a reasonable amout of data to make the lists somewhat useful. But
- I need more data. I have a simple interface for those of you who are
spam filtering to send data to the list. So I'm looking for a few
volunteers who have a lot of email volume to feed the system. All I need
from you is to run a small shell script that will send me the IP address
of the host and if that IP sent a spam or ham.

For detailed info on how the system works, here's my wiki on it.

http://wiki.ctyme.com/index.php/Spam_DNS_Lists

Basically all I'm doing is counting hams and spams in a MySQL database.
An IP has to have 25 hits to be listed. If it's 99% spam, it's
blacklisted. If it's 99% ham then it's whitelistsed. If it's in between
it's yellowlisted. And if it's not listed then I just don't have enough
information about the IP.

So - who wants to try this out?