Firewall Wizards mailing list archives
Re: FWTK and smap/smapd
From: Greg Polanski <greg_polanski () adc com>
Date: Thu, 18 Jul 2002 11:44:56 -0500
I have supplemented ordb.org with a test of my own sendmail logs. If a mail gateway generates 29 or more 'User unknown' messages in a single mail connection (Same message ID), I add it to my own relays database, db.relays.adc.com I run this script every 10 minutes and look at the last 10 minutes of the mail log for too many 'User unknown'. In the script, I generate the reverse lookup entry for db.relays.adc.com and mail the entry to a script on the DNS server. The entry is added to DNS. The script is very effective. If anyone is interested, I can send you a copy or post it. It has comments, but the code is straightforward. mn00s70548% wc ~/IS/unknown.sh ~/IS/makedbrelays.sh 63 220 1422 /home/polansg/IS/unknown.sh 89 371 2470 /home/polansg/IS/makedbrelays.sh 152 591 3892 total greg
These days spam gets really, annoying (timewise and costwise) from a busy admin standpoint.. I run pair of sendmails with RBL (ordb.org) feature turned on and two anti-virus SMTP behind them, it's been catching maybe 20-30% of that trash..
-- _______________________________________________________________ Greg Polanski mailto:greg_polanski () adc com ADC Telecommunications, Inc. 952.917.0548 MS 36 952.917.0651 FAX PO Box 1101 612.309.4493 cell/pager Minneapolis, MN 55440-1101 6123094493 () mobile att net _______________________________________________________________ _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Re: FWTK and smap/smapd, (continued)
- Re: FWTK and smap/smapd Paul Robertson (Jul 17)
- Message not available
- Re: FWTK and smap/smapd Marcus J. Ranum (Jul 18)
- Re: FWTK and smap/smapd Roger Marquis (Jul 17)
- Re: FWTK and smap/smapd Joseph S D Yao (Jul 17)
- Re: FWTK and smap/smapd Bennett Todd (Jul 17)
- Re: FWTK and smap/smapd Rick Murphy (Jul 17)
- Re: FWTK and smap/smapd Joseph S D Yao (Jul 17)
- Re: FWTK and smap/smapd Roger Marquis (Jul 17)
- Re: FWTK and smap/smapd Brian Hatch (Jul 17)
- Re: FWTK and smap/smapd Dominik Miklaszewski (Jul 17)
- Re: FWTK and smap/smapd Devdas Bhagat (Jul 18)
- Re: FWTK and smap/smapd Greg Polanski (Jul 18)
- RE: FWTK and smap/smapd Karl Vogel (Jul 18)