PT. Hawk Teknologi Solusi

Silahkan Cari Disini

Senin, 10 Agustus 2009

Blacklists/Blocklists

Blacklists or blocklists are lists of IP addresses, domain names, email addresses or content of the headers or the body, or some combination of these different types, that can be used to help identify spam. A special subset of IP address and domain name lists exist which can be queried using DNS, which are called DNS Blackhole Lists or DNSBLs. Blacklists can be unverified and cause “collateral damage”; their criteria for listing may not be clear.

Those blacklists listed here are just a tiny subset of all of the private access lists and ACLs that exist to block spam from private networks; that larger set is the source of the death of a thousand cuts that any spam friendly provider should eventually experience. They may not have the clout of SPEWS, but they may last even longer.


From:
http://spamlinks.net/filter-bl.htm


Postfix blacklist or reject an email address

Ringkasan ini tidak tersedia. Harap klik di sini untuk melihat postingan.

Minggu, 09 Agustus 2009

Lindungi jaringan anda dari daftar ip yang terindentifikasi pada dshield dan spamhaus

Pagi ini lagi-lagi smtp ku di buat mabok oleh traffic spam , iseng aku cari di google bagaimana fetch daftar ip sumber spam langsung di mikrotik ternyata ketemu link berikut:

http://forum.mikrotik.com/viewtopic.php?f=9&t=24427


berikut adalah contoh script + scheduling + firewall filter yang saya gunakan di router mikrotik 3.25:


# aug/09/2009 11:27:24 by RouterOS 3.25
#
/system script
add name=fetch-dshield-spamhaus policy=\
ftp,reboot,read,write,policy,test,winbox,password,sniff source="## Parse D\
SHIELD & Spamhaus feed and build an address-list.\r\
\n## Written by Sam Norris, ChangeIP.com 2008\r\
\n## Any comments or suggestions welcome in the forums.\r\
\n##\r\
\n## 06/03/08 - Initial list parsing.\r\
\n\r\
\n/tool fetch address=feeds.dshield.org host=feeds.dshield.org mode=http s\
rc-path=block.txt\r\
\n/tool fetch address=www.spamhaus.org host=www.spamhaus.org mode=http src\
-path=drop/drop.lasso\r\
\n\r\
\n##\r\
\n## DSHIELD Drop List\r\
\n##\r\
\n\r\
\n:if ( [/file get [/file find name=block.txt] size] > 0 ) do={\r\
\n\r\
\n /ip firewall address-list remove [/ip firewall address-list find list=\
dshield]\r\
\n\r\
\n :global content [/file get [/file find name=block.txt] contents] ;\r\
\n :global contentLen [ :len \$content ] ;\r\
\n\r\
\n :global lineEnd 0;\r\
\n :global line \"\";\r\
\n :global lastEnd 0;\r\
\n\r\
\n :do {\r\
\n :set lineEnd [:find \$content \"\\n\" \$lastEnd ] ;\r\
\n :set line [:pick \$content \$lastEnd \$lineEnd] ;\r\
\n :set lastEnd ( \$lineEnd + 1 ) ;\r\
\n\r\
\n :if ( [:pick \$line 0 1] != \"#\" ) do={\r\
\n\r\
\n :if ([:typeof [:toip [:pick \$line 0 [:find \$line \"\\t\"] ] ] ] !=\
\_\"nil\") do={\r\
\n :local pos1 [:find \$line \"\\t\" 0]\r\
\n :local pos2 [:find \$line \"\\t\" \$pos1]\r\
\n :local pos3 [:find \$line \"\\t\" \$pos2]\r\
\n :log info ( \"DShield Entry: \" . [:pick \$line 0 \$pos1 ] . \"/\"\
\_. [:pick \$line (\$pos2+1) \$pos3 ] )\r\
\n /ip firewall address-list add list=dshield address=( [:pick \$line\
\_0 \$pos1 ] . \"/\" . [:pick \$line (\$pos2+1) \$pos3 ] )\r\
\n } \r\
\n\r\
\n }\r\
\n\r\
\n } while (\$lineEnd < \$contentLen)\r\
\n\r\
\n}\r\
\n\r\
\n##\r\
\n## SPAMHAUS.ORG Drop List\r\
\n##\r\
\n\r\
\n:if ( [/file get [/file find name=drop.lasso] size] > 0 ) do={\r\
\n\r\
\n /ip firewall address-list remove [/ip firewall address-list find list=\
spamhaus.lasso]\r\
\n\r\
\n :global content [/file get [/file find name=drop.lasso] contents] ;\r\
\n :global contentLen [ :len \$content ] ;\r\
\n\r\
\n :global lineEnd 0;\r\
\n :global line \"\";\r\
\n :global lastEnd 0;\r\
\n\r\
\n :do {\r\
\n :set lineEnd [:find \$content \"\\n\" \$lastEnd ] ;\r\
\n :set line [:pick \$content \$lastEnd \$lineEnd] ;\r\
\n :set lastEnd ( \$lineEnd + 1 ) ;\r\
\n\r\
\n :if ( [:pick \$line 0 1] != \";\" ) do={\r\
\n\r\
\n :if ([:len [:pick \$line 0 [:find \$line \";\"] ] ] > 0 ) do={\r\
\n :local pos1 [:find \$line \";\" 0]\r\
\n :local entry [:pick \$line 0 (\$pos1-1) ]\r\
\n :if ( [:len \$entry ] > 0 ) do={\r\
\n :log info \"Lasso Entry: \$entry\"\r\
\n /ip firewall address-list add list=spamhaus.lasso address=\$ent\
ry\r\
\n }\r\
\n } \r\
\n\r\
\n }\r\
\n\r\
\n } while (\$lineEnd < \$contentLen)\r\
\n\r\
\n}"
# aug/09/2009 11:27:47 by RouterOS 3.25
#
/system scheduler
add comment="" disabled=no interval=12h name=fecth-dshield-spamhaus on-event=\
fetch-dshield-spamhaus start-date=jan/01/1970 start-time=06:00:00
# aug/09/2009 11:33:37 by RouterOS 3.25
#
/ip firewall filter
add action=drop chain=forward comment="### DROP Spamhaus-Lasso" disabled=no \
src-address-list=spamhaus.lasso
add action=drop chain=forward comment="### DROP Dshield" \
disabled=no src-address-list=dshield
#