OpenBSD Journal

[Announce] spews2fw-0.4

Contributed by Dengue on from the spam-haters dept.

Robert Maxwell writes :
"Those of you that run a firewall or several, might be interested in this tool. spews2fw, is based on an example from Harry at spamcop.net, which will automatically download the level 1 or 2 listings from spews.org, parse, sort, and remove duplicates. It will then generate firewall rulesets for ipchains, iptables, pf, ipf, Sun SunScreen, and Cisco. Please, check it out, and if you have issues or suggestions, please let me know. Robert Maxwell rmaxwell@madripoor.org "
Personally, anything that slows down or stops spammers is high on my list. Here's a link to the software: http://www.madripoor.org/Downloads/downloads.html .

(Comments are closed)


Comments
  1. By jizzmopper () on

    This story was posted about a month ago. It's a nice tool, but tends to generate several thousand pf rules which can be fun to navigate.

  2. By Anonymous Coward () on

    Looking at the file of spammers is daunting! I think from Daniels performance paper pf scales well with more rules, but I have no personal experience.

    One could do the same with a combination of awk and sort and uniq, but the overall framework is a good way to automate the entire process.

    Does anyone else find it ironic that the original idea came from an OpenBSD posting, and now is issued under the GNU license? That is the Linux way, the BSD way is the one most prevalent around these parts.

    What we now need is a Webalizer for pf, that will tell you where all these spams are coming from and draw nice charts and graphs to show where all your stuff is getting blocked or allowed.

  3. By jose () on

    so i did some work over the past 6 months to look at better spam filters. one of the things i looked at was sources and paths as a possible filtering method. i used to filter a lot on sources and source domains. i no longer do. if you look at my website you'll see some graphs i have put up of spam analysis. you'll quickly see that about 80% of the spam comes to me from unique paths and addresses. this isn't uncommon. as such, if you want to try and keep up, you'll always be adding rules, but to no real avail. there are better ways at the application layer to filter for spam which are more adaptable.

Latest Articles

Credits

Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]