[Dovecot] anti-spam+anti-malware suggestions
Stan Hoeppner
stan at hardwarefreak.com
Fri Oct 22 13:58:46 EEST 2010
Miha Vrhovnik put forth on 10/21/2010 3:01 PM:
> "Stan Hoeppner" <stan at hardwarefreak.com> wrote on 21.10.2010 10:29:50:
>
>>
>> This will kill a huge amount of bot spam without dnsbl queries or
>> greylisting, both of which can be resource hogs and add serious latency:
>>
>> http://www.hardwarefreak.com/fqrdns.pcre
>>
> Stan,
> nice one. I'm wondering from where did you compile this one?
It was donated to me, and by default the community, by an anonymous
poster to the spam-l mailing list, quite some time ago. We were having
a discussion about blocking dynamic/generic rDNS hosts. Many of us were
using really coarse regexes that others felt would catch alot of ham
sources instead of just broadband/dynamic bots.
So, this generous gentleman donated his rDNS regex file. He was subbed
with a gmail alias so there's no way to identify him (as I'm sure he
prefers). Given the fully qualified nature and quality of the regexes
and the fact there's over 1600 of them, and due to some of his posts, it
leads me to believe he works for a major ISP/telco/etc in the US.
Regardless of who he is, I'm really glad he donated this. It sure has
given many a regex handicapped mail OP some seriously good additional
a/s capability and saved many folk much time who are/were trying to
build something similar from scratch.
Originally it was distributed as a Postfix regexp file. I ran it
through PCRE and found a bunch of errors. I corrected those so it now
runs as a PCRE without errors and with the added speed benefit of
Postfix' PCRE engine.
Thanks again to the anonymous OP who shared this with us. :)
--
Stan
More information about the dovecot
mailing list