Rene @ Webscorpion.com
2002-Jul-17 19:07 UTC
[Shorewall-users] blacklist - limited to individual ports (smtp)
Great job with Shorewall!

The only thing I'm missing is a blacklist for smtp. I use this to add spammers and spamming networks. Is something like this planned? If not, does anyone have a good idea of how would be the best way to implement a hack to get this functionality?

TIA!

Rgds,
Rene @ Webscorpion.com
Tom Eastep
2002-Jul-17 19:27 UTC
[Shorewall-users] blacklist - limited to individual ports (smtp)
On Wed, 17 Jul 2002, Rene @ Webscorpion.com wrote:

> Great job with Shorewall!
>
> The only thing I'm missing is a blacklist for smtp. I use this to add
> spammers and spamming networks. Is something like this planned? If not,
> does anyone have a good idea of how would be the best way to implement a
> hack to get this functionality?

I'm filtering SPAM with Spamassassin. Since I installed SA, I get less than one UCE a week.

In my view, that's a much better way to weed out spam than configuring it in a packet filter like Shorewall. SA checks against RBL lists (be sure you have a caching name server) as well as performing content analysis.

-Tom
--
Tom Eastep \ Shorewall - iptables made easy
AIM: tmeastep \ http://www.shorewall.net
ICQ: #60745924 \ teastep@shorewall.net
Rene @ Webscorpion.com
2002-Jul-17 19:37 UTC
[Shorewall-users] blacklist - limited to individual ports (smtp)
Hi Tom,

I am already filtering spam on the server using ordb.org and null.dk - used to use relays.osirusoft.com but they have become too militant and are currently causing too much collateral damage to be useful.

With a manual smtp block list I can add whole countries - such as Korea from which I never get anything but spam.

Currently I have a small script that reads ip ranges out of a file and makes manual iptables entries but I would much prefer having it all under one hat as with Shorewall!

Rgds,
Rene @ Webscorpion.com

> On Wed, 17 Jul 2002, Rene @ Webscorpion.com wrote:
>
>> Great job with Shorewall!
>>
>> The only thing I'm missing is a blacklist for smtp. I use this to add
>> spammers and spamming networks. Is something like this planned? If
>> not, does anyone have a good idea of how would be the best way to
>> implement a hack to get this functionality?
>
> I'm filtering SPAM with Spamassassin. Since I installed SA, I get less
> than one UCE a week.
>
> In my view, that's a much better way to weed out spam than configuring
> it in a packet filter like Shorewall. SA checks against RBL lists (be
> sure you have a caching name server) as well as performing content
> analysis.
>
> -Tom
> --
> Tom Eastep \ Shorewall - iptables made easy
> AIM: tmeastep \ http://www.shorewall.net
> ICQ: #60745924 \ teastep@shorewall.net
Tom Eastep
2002-Jul-17 19:44 UTC
[Shorewall-users] blacklist - limited to individual ports (smtp)
On Wed, 17 Jul 2002, Rene @ Webscorpion.com wrote:

> Hi Tom,
>
> I am already filtering spam on the server using ordb.org and null.dk -
> used to use relays.osirusoft.com but they have become too militant and are
> currently causing too much collateral damage to be useful.
>
> With a manual smtp block list I can add whole countries - such as Korea
> from which I never get anything but spam.
>
> Currently I have a small script that reads ip ranges out of a file and
> makes manual iptables entries but I would much prefer having it all under
> one hat as with Shorewall!

Simply invoke your script from the appropriate Shorewall Extension Script (http://www.shorewall.net/Documentation.htm#Scripts). You probably want to put the rules in the appropriate Shorewall zone2zone chain, so invoke your script from the extension script corresponding to that chain.

-Tom
--
Tom Eastep \ Shorewall - iptables made easy
AIM: tmeastep \ http://www.shorewall.net
ICQ: #60745924 \ teastep@shorewall.net
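A sketch of the kind of file-driven script discussed in this thread, written so it can be called from an extension script; it is an added example, not code posted by either participant. The chain name `net2fw` (following the zone2zone pattern), the one-entry-per-line list format with `#` comments, and `DROP` as the target are assumptions. It validates every entry before it becomes part of a command that runs as root, and prints the rules instead of applying them.

```shell
#!/bin/sh
# Added example: build SMTP-only DROP rules from a blacklist read on stdin.
# Chain name and list format are assumptions, not taken from the thread.

# Accept a.b.c.d or a.b.c.d/n (octets 0-255, prefix 0-32); reject anything
# else so a malformed or hostile line never reaches a root-run command.
valid_cidr() {
    addr=${1%/*}
    case $1 in */*) bits=${1#*/} ;; *) bits=32 ;; esac
    case $bits in ''|*[!0-9]*|???*) return 1 ;; esac
    [ "$bits" -le 32 ] || return 1
    case $addr in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $addr; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
}

# Usage: smtp_blacklist_rules CHAIN < blacklist-file
# Prints one iptables command per valid entry; invalid entries go to stderr.
smtp_blacklist_rules() {
    chain=$1
    while IFS= read -r line || [ -n "$line" ]; do
        entry=${line%%#*}                              # strip trailing comment
        entry=$(printf '%s' "$entry" | tr -d ' \t\r')  # strip whitespace
        [ -n "$entry" ] || continue
        if valid_cidr "$entry"; then
            printf 'iptables -A %s -p tcp -s %s --dport 25 -j DROP\n' \
                "$chain" "$entry"
        else
            printf 'skipping invalid entry: %s\n' "$entry" >&2
        fi
    done
}

# Constructed sample list (documentation address ranges), printed for review.
smtp_blacklist_rules net2fw <<'EOF'
# spam sources
192.0.2.0/24
198.51.100.7      # single host
203.0.113.0/33
EOF
```

The generated rules only take effect if they sit ahead of any rule in that chain that accepts SMTP. Review the output first, then pipe it to `sh` from the extension script.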