[Mimedefang] Sendmail question on access.db
Gary Funck
gary at intrepid.com
Tue Dec 16 21:46:22 EST 2003
> -----Original Message-----
> From: Jim Miller
> Sent: Tuesday, December 16, 2003 11:58 AM
>
[...]
> You would 'makemap hash some_text_file > access' to create your access
> DB formatted in the correct way (very similar to virtusertable stuff)
>
> To:postmaster@ OK
> To:user1@ OK
> To:user2@ REJECT -- or ERROR:550 we don't want mail to this user
>
> There's all kinds neat things you can do here. I have been working on
> all this myself VERY recently ;) and will be testing it soon.. but this
> is the 'theory' I've gathered so far.
>
> Speaking for myself putting together the access db is going to be my BIG
> challenge.. and my Perl experience is 'lacking'.
I went through this experience, recently and the results are well
worth it.
If you haven't already, you might want to take a look at spfilter, at
http://bliab.com/spfilter/ (latest sources)
and http://spfilter.sourceforge.net/ (original home). Tony Nelson
recommended this program to me and helped me through the learning curve.
Spfilter will consolidate the info. from a number of BL's, and output
the result into a format of your choosing. It fetches databases for
open relays, spam, dynamic IP's (dsl's dialups), and countries (China,
Korea, and so on) that have been problematic. I'm using it in the mode
it outputs a send mail access list that I combine with my local access
definitions to create a new access.db. It also has a howto on hooking
up the info. to a local tinydns server if you find it easier to maintain
things that way. It is configured via an XML file, so you can customize
the sites you want it to poll, and so on. Given that it does various
file format conversions, you may find it a useful tool for plugging
your own black lists into it, and have them come out the way you want.
A few words of experience: it is beta software and has a few quirks
or three. They were easy to workaround. Also, for very large hash db's,
you're going to need a *lot* of physical memory (512 Mb min.), and you may
need to
pass a very large cache size to makemap hash (ie, 100Mb), or it will thrash
forever. The full up
access list that I'm using (spam,open relay,countries,dynamic) has
over 900,000 entries and a file size of 180 Mb. But once all the bits
are put together it works well at keeping the spammers out. I update
the black lists nightly.
According to some stats that I've seen, implementing these access rules
might cut the amount of spam your system has to deal with by as much as 2/3.
More information about the MIMEDefang
mailing list