Re: speedy spam
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Tue, Oct 14, 2003 at 06:22:41AM -0400, Jeff Elkins wrote:
> Well, hell.
>
> I set up a new address (for family) on my server and inadvertently used it
> Sunday in a reply to debian-user. It's now being flooded with email viruses
> and spam.
I've been maintaining a virus-infected relay blacklist.
http://ursine.ca/~baloo/
Drops in nicely in exim, take the infected-hosts URL and have wget
fetch it once a day, then put this in
/etc/exim4/conf.d/acl/30_exim4-config_check_rcpt
# Virus spewing hosts.
deny message = $sender_host_address has been sending or relaying viruses. Get your ISP to stop other customers from peeing in the pool.
log_message = $sender_host_address is listed in infected-hosts
hosts = net-lsearch;/etc/exim4/infected-hosts
I try to update the list at least once a day, usually more often.
- --
.''`. Paul Johnson <baloo@ursine.ca>
: :' :
`. `'` proud Debian admin and user
`- Debian - when you have better things to do than fix a system
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
iD8DBQE/jLVSUzgNqloQMwcRAiqHAJ9EMqgc7ZLQ+lNqu6L99bjsqZiSEwCfQh7N
9/BUpqXGFOQkrdbka63pMyI=
=OL2+
-----END PGP SIGNATURE-----
Reply to:
- References:
- speedy spam
- From: Jeff Elkins <jeffelkins@earthlink.net>