On Tue, Oct 28, 2014 at 5:31 PM, Jan Willamowius <jan@xxxxxxxxxxxxxx> wrote: > Hi, > > from what I heard over the past week, it looks like there is a sharp > increase in H.323 spam... Hi, are you hearing this from clients, or monitoring mailing lists, or some other channel? All of my scanning attempts are coming in with a client type of oophone0.8.3. > I'd suggest to use a authentication policy to block spam and not mix it > into call routing if possible. Authentication happens before the > routing process and is designed to handle exactly this. > > We recently used SQLAuth with a client to block a SPAM wave, but > depending on the characteristics of the incoming spam you can also pick > LUA or one of the other authentication policies. See > http://www.gnugk.org/gnugk-manual-8.html Thanks, I will take a look. If I'm trying to build a dynamic blocklist, then I'm assuming that something like SQLAuth will check for updates on each request, and if the MySQL tables are updated with "Reject for this IP" then each incoming call will get checked instead of some sort of caching occurring on the GnuGK side? ------------------------------------------------------------------------------ _______________________________________________________ Posting: mailto:Openh323gk-users@xxxxxxxxxxxxxxxxxxxxx Archive: http://sourceforge.net/mailarchive/forum.php?forum_name=openh323gk-users Unsubscribe: http://lists.sourceforge.net/lists/listinfo/openh323gk-users Homepage: http://www.gnugk.org/
