Educause Security Discussion mailing list archives
Re: Spamhaus DROP list implementation?
From: "King, Ronald A." <raking () NSU EDU>
Date: Wed, 29 Apr 2009 15:55:55 -0400
After debating in my head, I thought posting to the list would be better than individual replys. Here is the script (text file). There are remarks with #### that refer to areas you will need to change for your environment. Ronald King Security Engineer Norfolk State University Marie V. McDemmond Center for Applied Research Suite 401 700 Park Ave. Norfolk, Virginia 23504 Phone: 757-823-3918 Email: raking () nsu edu http://security.nsu.edu -----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Mike Marseglia Sent: Wednesday, April 29, 2009 3:04 PM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: Re: [SECURITY] Spamhaus DROP list implementation? -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Would you mind sharing your script? Mike Marseglia, OSHEAN w. 401-886-0887 x208 c. 401-248-4867 e. mike () oshean org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Use GnuPG with Firefox : http://getfiregpg.org (Version: 0.7.5) iEYEARECAAYFAkn4pIwACgkQN2NJvrD3H8y94QCfQ6ZUWzjltkH8puAHpVAvUkDi fe8AoJmK3sXgIg1pAr+FPHLPydukcVSh =SjOt -----END PGP SIGNATURE----- On Wed, Apr 29, 2009 at 11:23, King, Ronald A. <raking () nsu edu> wrote:
We have a script running on a Linux box every morning. It downloads the latest list, compares it to yesterday's, and generates an email
notification
of the changes. The report also contains Cisco commands to apply to the ASA's Spamhaus ACL, both remove and add. We manually apply the changes as we are hesitant to automate it. While we have no statistics, we have had only one case where we were notified it caused problems, when private IPs where included in the list. That was a fun one... Ronald King Security Engineer Norfolk State University Marie V. McDemmond Center for Applied Research Suite 401 700 Park Ave. Norfolk, Virginia 23504 Phone: 757-823-3918 Email: raking () nsu edu http://security.nsu.edu -----Original Message----- From: The EDUCAUSE Security Constituent Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Mike Marseglia Sent: Wednesday, April 29, 2009 10:28 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Spamhaus DROP list implementation? -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Has anyone implemented the Spamhaus DROP list? Pros/Cons? http://www.spamhaus.org/drop/ Thank you, Mike Marseglia, OSHEAN w. 401-886-0887 x208 c. 401-248-4867 e. mike () oshean org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) Comment: Use GnuPG with Firefox : http://getfiregpg.org (Version: 0.7.5) iEYEARECAAYFAkn4Y98ACgkQN2NJvrD3H8wtvwCdGrmqUFssrXV8c++jKC0mrKYj KqoAnidHML+MUxTE5HbJvDMiKO9r7RKY =5fQ7 -----END PGP SIGNATURE-----
Attachment:
do_spamhaus.sh.txt
Description:
Attachment:
smime.p7s
Description:
Current thread:
- Spamhaus DROP list implementation? Mike Marseglia (Apr 29)
- <Possible follow-ups>
- Re: Spamhaus DROP list implementation? King, Ronald A. (Apr 29)
- Re: Spamhaus DROP list implementation? Mike Marseglia (Apr 29)
- Re: Spamhaus DROP list implementation? King, Ronald A. (Apr 29)