l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
October 20: Web Application Hacking: How to Make and Break Security on the Web
Next Installfest:
TBD
Latest News:
Oct. 10: LUGOD Installfests coming again soon
Page last updated:
2002 Jan 02 14:50

The following is an archive of a post made to our 'vox mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox] ricochet
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox] ricochet



begin Rod Roark <rod@sunsetsystems.com> 
> On Wednesday 02 January 2002 03:02, you wrote:
> > I just installed a perl script called "Ricochet" on my ISP account.
> >
> >   http://www.vipul.net/ricochet/
> > ...
> 
> Thanks Bill (and Pete!).  It would be nicer to have a script that 
> would help to automate what *I* do with spam, which is:
> 
> (1) Send it to spamcop.
 
macro index \Cf "<display-toggle-weed><forward-message>submit.ZZjtP1ORLykFQnBq@spam.spamcop.net\n"
macro pager \Cf "<display-toggle-weed><forward-message>submit.ZZjtP1ORLykFQnBq@spam.spamcop.net\n"

> (2) Look up the owner of the IP block containing the IP address
>     that connected to my server.

i'm working on that right now.

EOL="
"

:0 HBc:
* ^From:.*SpamCop AutoResponder.*nobody@spamcop.net
* ^\/http://spamcop.net/sc.*$
LOG "$MATCH$EOL"

at this point, i have spamcop's url.  i need to figure out how to send
the spam.  my current approach is to write a perl script to handle it.

once i successfully do that, all their verbose data will be at our
fingertips.

> (3) Looking at the results of (1) and (2), decide out if I want to
>     block the SMTP client's IP address, its entire network address,
>     the sender's email address, or all email from any address 
>     including the sender's domain.
 
the perl script mentioned above can generate a webpage that allows you
to pick and choose which one you want to do (would have to run as root
though).  alternatively, it can send you an email with all the relevent
data and you can reply to it with "block client", "block network" or
whatever.  procmail would intercept the message and do your bidding.

if anyone wants to help out, i'd be glad to collaborate.   hopefully,
i'll get my firewall fully done today and will work on it some more in
the afternoon.

pete

> Obviously this is quite tedious; though the good news is I don't 
> get much spam any more.  :-)

four words: open relay database

ok, three words.  :)

pete

-- 
PGP Fingerprint: B9F1 6CF3 47C4 7CD8 D33E  70A9 A3B9 1945 67EA 951D
PGP Public Key:  finger p@dirac.org
_______________________________________________
vox mailing list
vox@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox



LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
O'Reilly and Associates
For numerous book donations.