| Author |
Message |
Bill Hacker
*nix forums Guru
Joined: 27 Jan 2005
Posts: 427
|
 Posted: Fri Jul 21, 2006 7:41 am Post subject:
Re: Testing my Black List
|
|
|
Marc Perkel wrote:
| Quote: |
Craig Whitmore wrote:
I have about 50,000 hosts listed that aren't listed on Spamhause or
Abuse.net.
How did you arrive at this list?
What about Removal of sites?
Addition of sites?
Reporting FP's?
Checked by Hand? or added from places you didn't like
Sites are dynamiclly added?removed?
Thanks
It's a combination of several things. Mostly honeypot but also hosts
that do things only spam hosts do like try to spoof my domains in helo
and helo with ip addresses, etc. And - I first make sure that the IP
isn't white or yellow listed before adding it.
BTW - if anyone wants to try my white list, here's the code:
warn dnslists = dnswl.junkemailfilter.com
!condition = ${if match {$acl_c1}{white}}
set acl_c1 = yellow - $sender_fullhost
warn dnslists = dnswl.junkemailfilter.com=127.0.0.1
set acl_c1 = white-soft - dnswl - $sender_fullhost
A 127.0.0.1 means it can be trusted and should be accepted as ham
without further testing. If it returns 127.0.0.2 then that means that it
sends some ham and you should bypass all blacklists.
|
Marc,
Can you manually add exiles.to on IP 203.194.153.88 to the 'blacklist' for me so
I can test?
None of the defects you mention will otherwise pass the 'Connect' or 'HELO'
phase on my servers - and I don't call RBL's until pre-data.
Thanks,
Bill
--
## List details at http://www.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://www.exim.org/eximwiki/ |
|
| Back to top |
|
 |
Bill Hacker
*nix forums Guru
Joined: 27 Jan 2005
Posts: 427
|
| Posted: Fri Jul 21, 2006 7:28 am Post subject:
Re: Testing my Black List
|
|
|
Marc Perkel wrote:
| Quote: |
W B Hacker wrote:
Marc Perkel wrote:
If anyone wants to give my blacklist a try you can use this:
dnsbl.junkemailfilter.com
I have about 50,000 hosts listed that aren't listed on Spamhause or
Abuse.net.
|
One does wonder why not...???
| Quote: |
Let me know how it works.
Protocol, port, & callout method same as the big guys?
Sample acl snippet with typical return values?
Sample content fragment?
Bill
deny dnslist = dnsbl.junkemailfilter.com
Just like the big guys.
|
Yer still a bit *previous* for a 'deny' verb, Marc! First we test....
Best you get for now is this:
warn
logwrite = Querying Perkelfarben
dnslists = dnsbl.junkemailfilter.com
log_message = $dnslist_text Perkelfarben.
Bill
--
## List details at http://www.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://www.exim.org/eximwiki/ |
|
| Back to top |
|
|
Marc Perkel
*nix forums Guru
Joined: 27 Jan 2005
Posts: 502
|
| Posted: Fri Jul 21, 2006 7:20 am Post subject:
Re: Testing my Black List
|
|
|
Craig Whitmore wrote:
| Quote: | I have about 50,000 hosts listed that aren't listed on Spamhause or
Abuse.net.
How did you arrive at this list?
What about Removal of sites?
Addition of sites?
Reporting FP's?
Checked by Hand? or added from places you didn't like
Sites are dynamiclly added?removed?
Thanks
|
It's a combination of several things. Mostly honeypot but also hosts
that do things only spam hosts do like try to spoof my domains in helo
and helo with ip addresses, etc. And - I first make sure that the IP
isn't white or yellow listed before adding it.
BTW - if anyone wants to try my white list, here's the code:
warn dnslists = dnswl.junkemailfilter.com
!condition = ${if match {$acl_c1}{white}}
set acl_c1 = yellow - $sender_fullhost
warn dnslists = dnswl.junkemailfilter.com=127.0.0.1
set acl_c1 = white-soft - dnswl - $sender_fullhost
A 127.0.0.1 means it can be trusted and should be accepted as ham
without further testing. If it returns 127.0.0.2 then that means that it
sends some ham and you should bypass all blacklists.
--
## List details at http://www.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://www.exim.org/eximwiki/ |
|
| Back to top |
|
|
Marc Perkel
*nix forums Guru
Joined: 27 Jan 2005
Posts: 502
|
| Posted: Fri Jul 21, 2006 7:15 am Post subject:
Re: Testing my Black List
|
|
|
W B Hacker wrote:
| Quote: | Marc Perkel wrote:
If anyone wants to give my blacklist a try you can use this:
dnsbl.junkemailfilter.com
I have about 50,000 hosts listed that aren't listed on Spamhause or
Abuse.net.
Let me know how it works.
Protocol, port, & callout method same as the big guys?
Sample acl snippet with typical return values?
Sample content fragment?
Bill
|
deny dnslist = dnsbl.junkemailfilter.com
Just like the big guys.
--
## List details at http://www.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://www.exim.org/eximwiki/ |
|
| Back to top |
|
|
Craig Whitmore
*nix forums beginner
Joined: 21 Aug 2005
Posts: 21
|
| Posted: Fri Jul 21, 2006 7:14 am Post subject:
Re: Testing my Black List
|
|
|
| Quote: |
I have about 50,000 hosts listed that aren't listed on Spamhause or
Abuse.net.
|
How did you arrive at this list?
What about Removal of sites?
Addition of sites?
Reporting FP's?
Checked by Hand? or added from places you didn't like
Sites are dynamiclly added?removed?
Thanks
--
## List details at http://www.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://www.exim.org/eximwiki/ |
|
| Back to top |
|
|
Bill Hacker
*nix forums Guru
Joined: 27 Jan 2005
Posts: 427
|
| Posted: Fri Jul 21, 2006 6:59 am Post subject:
Re: Testing my Black List
|
|
|
Marc Perkel wrote:
| Quote: | If anyone wants to give my blacklist a try you can use this:
dnsbl.junkemailfilter.com
I have about 50,000 hosts listed that aren't listed on Spamhause or
Abuse.net.
Let me know how it works.
|
Protocol, port, & callout method same as the big guys?
Sample acl snippet with typical return values?
Sample content fragment?
Bill
--
## List details at http://www.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://www.exim.org/eximwiki/ |
|
| Back to top |
|
|
Marc Perkel
*nix forums Guru
Joined: 27 Jan 2005
Posts: 502
|
|
| Back to top |
|
|
Google
|
|
| Back to top |
|
|
|
FAQ
Search
Memberlist
Usergroups
Register
Profile
Log in to check your private messages
Log in
Forum index
»
Apps
»
Exim
