Your skill will accomplish what the force of many cannot |
|
PerlMonks |
Firewalling brute-force spam attacksby hacker (Priest) |
on Mar 26, 2004 at 02:46 UTC ( [id://339932]=perlquestion: print w/replies, xml ) | Need Help?? |
hacker has asked for the wisdom of the Perl Monks concerning the following question:
I've been taking a very heavy-handed approach to stopping spam lately, to help my users maintain a nice clean, spam-reduced mail environment.
First, I should mention that my system's tolerance for spam is nil. I have several hundred rulesets configured in the MTA, to block based on common subjects/heuristics, a very tweaked SpamAssassin setup, 6 different RBLs, including blackholes.us for 7 countries, clamav, and some very detailed procmail recipes to handle the AV and other things that slip through. That being said, spam still gets in. The piece of the puzzle that I'm trying to solve now, is being able to firewall off people/machines that are brute-forcing accounts on servers with domains we host (quite a few). An example of this from one of the live servers looks like this. I cooked up a quick hackish bash script to deal with these, and half-shimmed in some perl to regex out the IP. I'd like to entertain some ideas and approaches to handling this entire thing in Perl exclusively. Currently, it looks like this, and works perfectly, though is hackish:
The process is:
Anyone want to take a stab at converting this little shell'ism to "Pure Perl™"?
Back to
Seekers of Perl Wisdom
|
|