[SLL] collaborate on a dnsbl?

Jeremy C. Reed reed at reedmedia.net
Fri May 13 15:10:48 PDT 2005 

On Thu, 12 May 2005, Tom Redfern wrote:

> On Thu, May 12, 2005, Jeremy C. Reed wrote:
>
> I set up my own rbl.  I pipe a spam to through a wrapper that, in turn,
> gets sent to a certain user name which automatically includes that address
> in the rbl (the rbl is on a remote box).
>
> The address is entered into a hash db with the date and after 30 days, it
> gets automatically removed.  The nice thing about it is that I can include
> addresses pretty arbitrarily since they get dropped automatically.   This
> is good because Windows users do figure out that their box is cracked in
> less than 30 days.  It also has a whitehat list of its own, so if I try
> to reject an address on the whitehat list, it doesn't make it to the rbl.
>
> At one time, it parsed my mail log and any repeaters go incremented and
> remained on the list, but that part is broken.  I need to re-write the
> parser.
>
> It's pretty slick, but I can't say that doing it alone is really cost
> effective - but it does stop some repeat offenders, so it kills a few
> and it *sure feels good.
>
> My rbl file has a magic line, and anything above that line gest included
> permanently.
>
> I think this is the kind of system that's being suggested here.  If I
> were to make the rbl public and send people my outgoing wrapper file, any
> mail sent top a certain user on my system would automagicaly be entered.

Yes!

I'd like to learn more about this.

Also, Bill Campbell indicated he also builds his own dnsrbl (using a perl
deliver script and djb's rbldns) and has a white list too.

Bill: can you share more?

This is what I am talking about. My first email may have been unclear --
yes I already manually build my own lists of IPs to block. (I don't have a
script to parse my mails yet though.)

I just think that if several of this group share our work it makes more
sense.

Of course, the same could be said to just use and support a
pre-existing public dnsbls, but as we can see some of use want to
supplement it or do it our own way :)

 Jeremy C. Reed

 	  	 	 technical support & remote administration
	  	 	 http://www.pugetsoundtechnology.com/

More information about the linux-list mailing list