Re: OT: Postscreen and scoring/blocking by ISP

Charles Sprickman: > > There is no need to do everything in postscreen, especially considering > > that the purpose is to block spambots, which is not the same thing > > as blocking all spam operators. > > I really want to weight against some sources, not block them entirely > though... Quoting

Re: OT: Postscreen and scoring/blocking by ISP

On 31 May 2019, at 22:03 (-0400), Charles Sprickman wrote: I really want to weight against some sources, not block them entirely though... Then the ideal tool is SpamAssassin, not postscreen. It's easy to add and set the scoring of any DNSBLs you find useful and if you want more complex logi

Re: OT: Postscreen and scoring/blocking by ISP

> On May 31, 2019, at 7:45 PM, Wietse Venema wrote: > > Charles Sprickman: >> https://www.team-cymru.com/IP-ASN-mapping.html#dns >> >> >> That?s part way there. I can easily find the ASNs I care to penalize. But >> still have to figure o

Re: OT: Postscreen and scoring/blocking by ISP

Charles Sprickman: > https://www.team-cymru.com/IP-ASN-mapping.html#dns > > > That?s part way there. I can easily find the ASNs I care to penalize. But > still have to figure out how to do something with that in postscreen? There is no need t

Re: OT: Postscreen and scoring/blocking by ISP

> On May 30, 2019, at 5:38 PM, Allen Coates wrote: > > > On 30/05/2019 22:21, Allen Coates wrote: >> Currently, I am using a CIDR access-control-list to block (in PostScreen) >> hosts >> from certain "nuisance" countries. A weekly script derives the netblocks >> from >> the zone lists publis

Re: OT: Postscreen and scoring/blocking by ISP

On 30/05/2019 22:21, Allen Coates wrote: > Currently, I am using a CIDR access-control-list to block (in PostScreen) > hosts > from certain "nuisance" countries. A weekly script derives the netblocks from > the zone lists published by http://www.ipdeny.com A similar script could derive a DNS z

Re: OT: Postscreen and scoring/blocking by ISP

There is an RBL, zz.countries.nerd.dk, which will return a code based on country of origin - or if you substitute a country code (eg uk.countries.nerd.dk) it will return 127.0.0.1 if the host "belongs" to that country; it can be used to load the final RBL score for an individual country. I don't

Re: OT: Postscreen and scoring/blocking by ISP

Hi David (and re-adding the list in case we say something interesting), “Snowshoe spam”, as I understand it is basically a spammer sending batches from a list of “clean” IPs - not too many emails per IP, but lots of hosts to send from. By the time an IP is blacklisted, it’s already done spammin

OT: Postscreen and scoring/blocking by ISP

Hi all, I was looking through a few lists of RBLs and I’m not finding quite what I want. I have quite a bit of my spam blocking working fairly well, but I’m seeing quite a bit of “snowshoe spam” from a few providers. Rather than look up their netblocks and outright block them, I’d like to incor