Hello Wojciech,
Am 2009-08-11 15:13:21, schrieb Wojciech Ziniewicz:
> What i want is a system that will trap abuse emails and notify me when
> certain client reaches the trigger of let's say 10 abuse emails per
> month.
I do this already using a procmail script, which spider the Body if an
E-Mail is attached and try to get the Received: header and analyse it.
Because the sending IP is associated (timely) with a customer, I know
perfectly which customer was on which dynamic IP and ...
So you could do the same...
if I encounter an unknown Mail-Agent: or nothing, I trigger immediately
because maybe it is a trojan or something like this.
For the new ISP i am in creation, I am blocking the port 25 and 589 and
force standard users to pass over my SMTP-Proxy. However, users which
there own proper SMTP-Relays can reconfigure the two ports.
> Then i would analyze the records and decide about warning him
> about the sittuation and finally possibly cutting him of. We often do
> such things to our bussiness customers - if they send tons of spam
> using our ip addrs we can cut them off after 2 warnings (in Poland
> sending spam is a crime) .
So you have the right to shootem? ;-)
Thanks, Greetings and nice Day/Evening
Michelle Konzack
Systemadministrator
Tamay Dogan Network
Debian GNU/Linux Consultant
--
Linux-User #280138 with the Linux Counter, http://counter.li.org/
##################### Debian GNU/Linux Consultant #####################
<http://www.tamay-dogan.net/> Michelle Konzack
<http://www.can4linux.org/> Apt. 917
<http://www.flexray4linux.org/> 50, rue de Soultz
Jabber linux4michelle@jabber.ccc.de 67100 Strabourg/France
IRC #Debian (irc.icq.com) Tel. DE: +49 177 9351947
ICQ #328449886 Tel. FR: +33 6 61925193
Attachment:
signature.pgp
Description: Digital signature