From owner-freebsd-questions@FreeBSD.ORG Thu Oct 26 18:21:25 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4F4F316A412 for ; Thu, 26 Oct 2006 18:21:25 +0000 (UTC) (envelope-from antennex@hotmail.com) Received: from bay0-omc1-s24.bay0.hotmail.com (bay0-omc1-s24.bay0.hotmail.com [65.54.246.96]) by mx1.FreeBSD.org (Postfix) with ESMTP id 10ADF43D55 for ; Thu, 26 Oct 2006 18:21:25 +0000 (GMT) (envelope-from antennex@hotmail.com) Received: from hotmail.com ([65.55.130.105]) by bay0-omc1-s24.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.1830); Thu, 26 Oct 2006 11:21:24 -0700 Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Thu, 26 Oct 2006 11:21:24 -0700 Message-ID: Received: from 65.55.130.123 by by125fd.bay125.hotmail.msn.com with HTTP; Thu, 26 Oct 2006 18:21:20 GMT X-Originating-IP: [65.68.247.73] X-Originating-Email: [antennex@hotmail.com] X-Sender: antennex@hotmail.com In-Reply-To: <4540EAEE.509@dir.bg> From: "Jack Stone" To: jgordeev@dir.bg, freebsd-questions@freebsd.org Date: Thu, 26 Oct 2006 13:21:20 -0500 Mime-Version: 1.0 Content-Type: text/plain; format=flowed X-OriginalArrivalTime: 26 Oct 2006 18:21:24.0784 (UTC) FILETIME=[8B9C8B00:01C6F92B] Cc: Subject: Re: Shell question X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 26 Oct 2006 18:21:25 -0000 >From: Jordan Gordeev >To: freebsd-questions@freebsd.org >Subject: Re: Shell question >Date: Thu, 26 Oct 2006 20:05:50 +0300 > >Jack Stone wrote: >>>From: Warren Block >>>To: Jack Stone >>>CC: freebsd-questions@freebsd.org >>>Subject: Re: Shell question >>>Date: Wed, 25 Oct 2006 21:35:55 -0600 (MDT) >>> >>>On Wed, 25 Oct 2006, Jack Stone wrote: >>> >>>>Folks: >>>>I have managed to piece together a shell script that is able to retrieve >>>>the domains from the spams of the day and summarize those in a special >>>>file that can then be added to the sendmail's rejects in the access.db. >>>>But, first I have to eyeball the list and remove any obvious good-guy >>>>domains. >>>> >>>>I would like to create another list of those same good guys that can be >>>>added to each day as they show up, then compare it to the above main >>>>list and delete the good guy domains before adding to the access.db. >>> >>> >>>Greylisting will be much more effective than this approach, and is easier >>>to implement. Combine that with sbl-xbl and maybe a few other DNSBLs, >>>add greet_pause of five or ten seconds, and you have much more >>>effectiveness with less false positives and much less maintenance. Adding >>>clamav rounds out the whole thing. I wrote an article that covers some >>>of this: >>> >>>http://www.wonkity.com/~wblock/greylist.pdf >>> >>>-Warren Block * Rapid City, South Dakota USA >> >> >>This shell script is just icing on the cake -- In addition to the DNSBLs, >>I have had all of those other filters running for years plus milter-regex >>in the front line, then greylist, then clamav, SA. >> >>It's the SA (SpamAssassin) that provides me the list of bad-guy domains. >>It's a very short list so I can always still eyeball it and remove any >>obvious good ones. It's just sometimes I have made a mistake and let in a >>good guy, say, like one of my own domains. If I had a "good-guy list" to >>watch over my shoulder and check the bad-guy list before adding to the >>access-reject, then those would never happen again. Those bad guys are >>pretty obvious by their names. >> >>Even if the domains are "throw-aways", I can stop a few more this way >>although I have to purge the sendmail access DB ever so often. My users >>might get 1 or 2 spams a month with my line of defenses. Takes a lot of my >>time, but worth the results. This shell would be a big help tho. >> >>Would appreciate any more tips on how to have my daily bad-guy list >>checked against the good-guy list. Both are flat files with the domains >>listed in a single column. >> >>Thanks guys! >> >>Jack >> > >See comm(1). >_______________________________________________ Yep, that's it....!! Thanks, Jack _________________________________________________________________ Stay in touch with old friends and meet new ones with Windows Live Spaces http://clk.atdmt.com/MSN/go/msnnkwsp0070000001msn/direct/01/?href=http://spaces.live.com/spacesapi.aspx?wx_action=create&wx_url=/friends.aspx&mkt=en-us