Matthias Häker schreef:
Ruud H.G. van Tol:
How about DNSBL? DCC? SpamAssassin?
i woulld like to give SpamAssassin a try.
I also like DCC a lot.
http://www.dcc-servers.net/dcc/
There exists a DCC-milter.
i use Spamhaus SBL+XBL and a Procmail script who runs a PHP
commandline
script wich writes SPAM sender ip adresses into a MySql Database and
manipulates the access.db.
PHP takes considerable time to start up. Often this can be done better
inside (with MATCH), or directly from (with fgrep) procmail.
You could also use your file system as a "database", by creating
directories and files from the IP number.
to identify Spamsender i use Recipe's like
Consider indenting the quoted recipes something like 4 positions, to
make them stand out better in your messages to this list. I do it inside
rc's too.
:0
* $X_RECEIVED ??
Please use different spacing, the $ is a modifier there (it causes
reparsing).
Think about the difference between
* $ X_RECEIVED ??
and
* $ $X_RECEIVED ??
I like to place the $-modifier at the utmost left, so normally directly
after the *, and put at least one space behind it, to make clear that it
is the $-modifier and not something else.
from[$WS]+\/($\HOST|$\X_LOCAL_IP|pop\.its-h\.de|smtp\.its-h\.de)
The () are not necessary there, but they do no real harm.
{
:0
* $ ! X_SENDER_IP ?? ^^$\X_LOCAL_IP^^
{
BLOCK_DNS=$TRUE
REASON="FAKE-SENDER"
}
}
and VSnag from Dallman Ross
Good.
and some other but very carefull used identification recipes.
for me there are 2 types of SPAM
1. absolutly positiv identified Virus and Spam with a single Recived
from SMTP header where the sender ip get blocked
2. "maybe" Spam wich goes into a special inbox
and of course i have to do some whitelisting
:0
* ? (echo "$X_ENVELOPE_FROM" | $FGREP -i -f /etc/mail/friendslist)
{
WHITE=$TRUE
}
I add a header to each stigmatized message, like
:0 fhw
* spamtest ?? .
| formail -i"X-Spamtest-Log: ${spamtest}"
[character classes]
6.7 on http://pm-doc.sourceforge.net/pm-tips.html
Right. It has one strange phrase though:
To match "[(" use [)
i think to understand what he means there i have to do some try and
error testing:)
I think it should be:
To match one of the characters of "[(", use [([].
The main Problem to learn all that stuff about the different scripting
an programming technics is that learning by doing without good
structured input, and without any teacher , is sometimes very time
intensiv and leads you easy into missunderstandings
often it is not the missing information about a specific question who
missleads one , it is more the big quantity of different sources of
informations to find the a "needle" in a haystack.
5 Years ago one had a handfull links from gooogle if you where looking
for something , today you have hundreds where most of them leads you
to some "Idiots" like one self.
I use Perl (with some Inline C) more and more for about everything. For
a busy mail server, that requires a perl-daemon (like Apache has
mod_perl), because perl's startup time would bite.
(The language is called Perl, the binary is called perl.)
--
Groet, Ruud
____________________________________________________________
procmail mailing list Procmail homepage: http://www.procmail.org/
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail