[Tutor] banned function

dman dsh8290@rit.edu
Mon, 18 Feb 2002 10:43:36 -0500

On Mon, Feb 18, 2002 at 10:03:47AM -0500, kirk Bailey wrote:
| I am considering adding a global 'banned' file function, so email from
| a banned identity will automatically be rejected by tinylist. Although
| useful to block spam and vicious users, spammers usually send from
| throwaway accounts, and get a new one for the next run, and so can a
| drooler, if enough brain cells still work to think of it. Any
| discussion?

You're right that a blacklist isn't terribly effective on spammers.
It also requires that you first received a spam message so that you
know what addr to blacklist.  On top of that, if a spammer forges the
address (likely) and the address happens to be a real person, you've
blacklisted the wrong person.  For spam catching you need to be
smarter than that -- use spamassassin :-).

For a mailing list, the subscribers are likely to have different
opinions on who to blacklist and who not to.  Each user can use their
own killfile and customize to taste.

Regardless, if you want a blacklist, put it in your MTA.  The simplest
mechanism, if you use exim 3, is to put this at the top of your
directors list 

# Check the system bouncelist, this is based on the "MAIL FROM:" command.
    driver          = smartuser
    require_files   = /etc/exim/bouncelist
    senders         = /etc/exim/bouncelist
    new_address = :fail: \"${local_part}@${domain}\" thinks you are a spammer

Then you put a list of regexes, one per line, in the file
/etc/exim/bouncelist.  Then the message will be rejected at SMTP time,
long before your TinyList ever sees it.

This can also be tweaked to operate on a per-user basis too.



Through love and faithfulness sin is atoned for;
through the fear of the Lord a man avoids evil.
        Proverbs 16:6