LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Software
User Name
Password
Linux - Software This forum is for Software issues.
Having a problem installing a new program? Want to know which application is best for the job? Post your question in this forum.

Notices


Reply
  Search this Thread
Old 07-06-2006, 04:57 PM   #1
elfoozo
Member
 
Registered: Feb 2004
Location: Washington, USA
Distribution: Debian
Posts: 265

Rep: Reputation: 32
reatime or dns blacklist or blocklist how-to


Is anybody running their own realtime blacklist or blocklist of any type on Linux that is queried by their internal mail servers? For example, server A runs the blocklist service but no mailer and servers B, C, D and E all point to A to validate an inbound message before accepting the message?

Last edited by elfoozo; 07-08-2006 at 01:57 AM.
 
Old 07-07-2006, 11:46 AM   #2
farslayer
LQ Guru
 
Registered: Oct 2005
Location: Northeast Ohio
Distribution: linuxdebian
Posts: 7,249
Blog Entries: 5

Rep: Reputation: 191Reputation: 191
What are you trying to accomplish ? might make it easier to find an answer...

Blacklisting for Spammers ? Blacklisting websites ? are you trying to prevent users from going places or are you wanting to provide a blacklisting service to others ?

My mailserver is using blacklists to block spam, and a product such as Dansguardian on Linux can make use of lists to block websites..
 
Old 07-07-2006, 12:40 PM   #3
elfoozo
Member
 
Registered: Feb 2004
Location: Washington, USA
Distribution: Debian
Posts: 265

Original Poster
Rep: Reputation: 32
Quote:
Originally Posted by farslayer
What are you trying to accomplish ? might make it easier to find an answer...

Blacklisting for Spammers ? Blacklisting websites ? are you trying to prevent users from going places or are you wanting to provide a blacklisting service to others ?

My mailserver is using blacklists to block spam, and a product such as Dansguardian on Linux can make use of lists to block websites..
My domains receive literally 10's of thousands of spam per day. The spam is easy to identify because the spam is sent to nonexistent users.

Since the mail servers these days have the option to point to a blocklisting service I figured I could set up my own blocklist service for internal purposes, and block these spam hosts by origin IP.

I've looked at the external blocklisting services and in most cases they block IP ranges I communicate with so I want to take the blocklist service under my own control.
 
Old 07-07-2006, 10:46 PM   #4
farslayer
LQ Guru
 
Registered: Oct 2005
Location: Northeast Ohio
Distribution: linuxdebian
Posts: 7,249
Blog Entries: 5

Rep: Reputation: 191Reputation: 191
Not sure what mail server you use, I run postfix. I can blacklist right in the postfix config, as well as utilize many many other UCE (unsolicited commercial email) blocking features that are simple to implement, reject mail to unknown users, reject mail from servers that do not resolve using rdns, etc.. etc.. on top of that I use Spamassassin to inspect messages and tag those that look like spam. SA also can use Black Lists, custom lists etc..

so if nothing else take a look at spamassassin. http://spamassassin.apache.org/

I would also be surprised if all the black lists contain addressess you communicate with, I use about 6 different black lists on my servers. unless you receive mail from asia, and people that host mail on Dynamic IP addressess and people that send valid mail through open relays (no such thing as valid mail through open relays imho) there are definately Black lists you can use to block some of that junk. I reject about 60-70% of all mail that touches my server through black lists and other tests.. then it gets filtered through SA and gets tagged.

It gets examined and tagged again when users retrieve it by a commercial device I purchase from Fortigate.. I have had very few complaints about valid mail being blocked. most people ask if I can make it tighter to block more.. if they only knew the percentage I block vs what makes it to their mialboxes..


Well heres some Black lists you can review to find one or several that suit your needs.. read up on their policies for adding and removing people first to make sure their methods agree with you...
http://www.declude.com/Articles.asp?ID=97

I use some of the following lists

sorbs - some not all
spamcop
spamhaus - some not all
ordb

Best of luck in your battle...
 
Old 07-08-2006, 02:17 AM   #5
elfoozo
Member
 
Registered: Feb 2004
Location: Washington, USA
Distribution: Debian
Posts: 265

Original Poster
Rep: Reputation: 32
Thanks for the info farslayer. Do the products you mention allow you to have other mailhosts on your network query the blacklist you defined in your postfix config? I've updated my original post to hopefully better reflect the concept.

I think what I'm after is a how-to on setting up a centrally located blocking server service that my other mail servers can query, not route through.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
spamassassin blacklist stomach Linux - Software 1 02-08-2006 05:37 PM
a blacklist for hal? evans0409 Linux - Software 12 02-05-2006 10:29 PM
'blacklist' WARNING JerryP Mandriva 5 12-01-2005 07:47 PM
Protowall/Peer Guardian blocklist in linux? Ace2005 Linux - Security 3 11-26-2005 04:41 PM
what is /etc/hotplug/blacklist for? slinky2004 Linux - Software 1 09-11-2005 12:44 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Software

All times are GMT -5. The time now is 04:38 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration