HomeHas anybody experience in blocking spammer (UBE) ips from maillog?

Reply to comment

Wed, 2009-02-18 14:07 — ac

server load?

Are you referring to load on the server with blockhosts.py running? That should be minimal - you can always run blockhosts in cron mode, so kick it off only every minute or hour as needed, depending on the actual load, and/or frequency of attacks on spamdyke.

It should be easy to write a pattern to locate the IP (following origin_ip: in your log line above). This assumes that the log line above is displaying the correct originating IP and generally immume to spoofing. Otherwise it may block valid IP addresses :-)

But - not knowing much about spamdyke, it may be best to do nothing - since spamdyke is presumably built to stop spam, it may not need any external helpers!

Reply

The content of this field is kept private and will not be shown publicly.
  • Allowed HTML tags: <a> <em> <strong> <cite> <code> <ul> <ol> <li> <dl> <dt> <dd> <img> <b> <span> <pre> <hr>
  • Lines and paragraphs break automatically.
  • You may use [acidfree:xx] tags to display acidfree videos or images inline.
  • [l:URL text] input tags replaced with HTML links. URL may be Drupal internal path. [ Link Filter Tips ]

More information about formatting options