Re: Re: Problem with some SMTP MTAs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



Question for the group,

While I appreciate the excellent answers thus far and I always appreciate the support from this group,

Why implement this block as an access.db instead of a route add x.x.x.x/24 reject??

One reason might be dropped routes generate no logging..

If some address space is removed from the spamhaus droplist, than do you manually remove it from access.db list??? How do you know if it was removed?? Is address space ever removed??

Sorry but might be a better discussion for a sendmail list!! ;-)

-ed-



On Feb 20, 2007, at 2:17 PM, Chris Boyd wrote:


On Feb 20, 2007, at 11:46 AM, Edward Milstein wrote:

Do you mind sharing how you implemented the drop list as a access.db filter?? How did you represent the various network blocks??


Here's how I do it. This used to be in the completewhois.com tools section, but I can't find it anymore.

Requires Sendmail's cidrexpand. Apologies for the FreeBSD references....

#!/usr/bin/perl
#
# This script is used to convert list of ip blocks in cidr format into
# script that can be run to setup linux firewall to filter those blocks # Script is written by William Leibzon for Completewhois Bogons Project:
# http://www.completewhois.com/bogons/
#
# $1 - should be list of ip blocks in cidr format
#
# Hacked up to format the drop list for feeding to sendmail's cidrexpand # script to provide a list of net ranges to feed to sendmail's access table.
# The cidrexpand script is available in the contrib directory of your
# sendmail distribution. (/usr/src/contrib/sendmail/contrib/cidrexpand
# on FreeBSD.)
#
# Thanks to William Leibzon for the original script and Eric Kagan and
# Steve Glines for the inspiration.
# --Chris Boyd cboyd (at) gizmopartners 1-2-05
#
# Recommended usage:
# droptosend <droplist> | cidrexpand | sort | uniq
# (cidrexpand has some odd bugs that cause it to make duplicate lines)

$cidr_filename=@ARGV[0];

if ($cidr_filename eq "") {
  print "Usage: droptosend cidr_list_file\n";
  exit;
}
open ($cidr_fh, $cidr_filename)
  or die "can't open file $cidr_filename: $!";

while (<$cidr_fh>) {
  $line=$_;
($ip1,$ip2,$ip3,$ip4,$mask) = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\. (\d{1,3})\/(\d{1,2})/; if ($ip1 ne "" && $ip2 ne "" && $ip3 ne "" && $ip4 ne "" && $mask ne "") { print "$ip1.$ip2.$ip3.$ip4/$mask ERROR:5.7.1:550 see http://www.spamhaus.org/drop/\n";;
  }
}
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux