l i n u x - u s e r s - g r o u p - o f - d a v i s
L U G O D
 
Next Meeting:
November 4: Social gathering
Next Installfest:
TBD
Latest News:
Oct. 24: LUGOD election season has begun!
Page last updated:
2003 Apr 15 14:28

The following is an archive of a post made to our 'vox mailing list' by one of its subscribers.

Report this post as spam:

(Enter your email address)
Re: [vox] Spamassassin, global blacklists?
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [vox] Spamassassin, global blacklists?



I have used iptables/ipchains to limit access, but that was when I was the
only user on the box getting email. I have 2 people from Denmark, 1 from
Japan, 2 from China, and others from other countries.

Because of this, I cannot easily blanket ban entire continents.

What I have been doing is running spamassassin with a global config that
contains blacklists.

/etc/mail/spamassassin/local.cf

[snip]
blacklist_from  *@247mail.com
blacklist_from  *@*.247mail.com
blacklist_from  *@b1st2gamble.com
blacklist_from  *@bizrate.com
blacklist_from  *@*.bizrate.com
[snip]

And then allowed users to modify user prefs "ok_languages" and
"ok_locales" to control what languages/locales they wish to block/accept.

> I have received spam from these addresses:
>
> Asia
>
> iptables -A INPUT -s 61.0.0.0/8      -j DROP
> iptables -A INPUT -s 62.0.0.0/8      -j DROP
> iptables -A INPUT -s 62.0.0.0/8      -j DROP
> iptables -A INPUT -s 202.0.0.0/7     -j DROP
> iptables -A INPUT -s 210.0.0.0/7     -j DROP
> iptables -A INPUT -s 219.0.0.0/8     -j DROP
> iptables -A INPUT -s 163.13.0.0/16   -j DROP
> iptables -A INPUT -s 163.14.0.0/15   -j DROP
> iptables -A INPUT -s 163.16.0.0/12   -j DROP
> iptables -A INPUT -s 163.22.0.0/16   -j DROP
> iptables -A INPUT -s 163.25.0.0/16   -j DROP
> iptables -A INPUT -s 163.32.0.0/16   -j DROP
> iptables -A INPUT -s 159.226.0.0/16  -j DROP
>
> Europe
>
> iptables -A INPUT -s 80.0.0.0/8      -j DROP
> iptables -A INPUT -s 81.0.0.0/8      -j DROP
> iptables -A INPUT -s 193.0.0.0/8     -j DROP
> iptables -A INPUT -s 212.0.0.0/8     -j DROP
> iptables -A INPUT -s 213.0.0.0/8     -j DROP
> iptables -A INPUT -s 217.0.0.0/8     -j DROP
>
> Latin America
>
> iptables -A INPUT -s 200.0.0.0/8     -j DROP
>
> I am currently accepting HTTP everywhere and mail
> from the Europe and Latin America IPs, but not from
> Asia.  iptables is a bit rude for spam control, but
> I have found from experience that attemps to hack
> my machine come from the same places, so...
>
> Joel
>
> On Mon, Apr 14, 2003 at 11:43:57PM -0700, ME wrote:
>> Hello,
>>
>> <bragging about kewlness of SM and SA>
>> I switched over to store spamassassin user config settings in a SQL DB
>> and
>> SquirrelMail addressbooks and Squirrelmail user prefs in SQL DB as well
>> (3
>> different tables.) This works very well, and I just finished modifying a
>> SM plugin (php) that permits me to let each user control their own SQL
>> stored Spamassassin settings... This stuff rocks!
>> </bragging>
>>
>> Anyway, I have a growing global blacklist_from for my domain's filtering
>> and wanted to know if any of you share global blacklists.
>>
>> Have you used used the rcvd from blacklist? Opinions?
>>
>> I must say that since I added web based SM config for languages and
>> locales that "foreign language" spam has decreased a bit. (Someone here
>> mentioned that they used it, and after I looked into it, I could see the
>> benefits. Thanks for the suggestion!)
>>
>> Anyone have a global blacklist from they want to share.
>> _______________________________________________
>> vox mailing list
>> vox@lists.lugod.org
>> http://lists.lugod.org/mailman/listinfo/vox
> _______________________________________________
> vox mailing list
> vox@lists.lugod.org
> http://lists.lugod.org/mailman/listinfo/vox
>
>

_______________________________________________
vox mailing list
vox@lists.lugod.org
http://lists.lugod.org/mailman/listinfo/vox



LinkedIn
LUGOD Group on LinkedIn
Sign up for LUGOD event announcements
Your email address:
facebook
LUGOD Group on Facebook
'Like' LUGOD on Facebook:

Hosting provided by:
Sunset Systems
Sunset Systems offers preconfigured Linux systems, remote system administration and custom software development.

LUGOD: Linux Users' Group of Davis
PO Box 2082, Davis, CA 95617
Contact Us

LUGOD is a 501(c)7 non-profit organization
based in Davis, California
and serving the Sacramento area.
"Linux" is a trademark of Linus Torvalds.

Sponsored in part by:
Sunset Systems
Who graciously hosts our website & mailing lists!