So here's my idea. I'm sure others or someone has done it or something close. What I'm thinking is using Spamassassin when something scores over 50 go ahead and take the IP of the sending server and pass it to a database. Then use this database to update a local DNSBL. This would be a cron job that would pull the database and create the records. I would also put a "expire" time that it would expire the entry. Then use the DNSBL at the front end of the smtp connection and block connections based on this. This can easily be done with qmail and postfix.
Would want to block with a url pointing the user to a way of requesting a removal of the block and information on the block. Also have a web front end so someone could make a block either permanent, whitelist, or remove it.
Why a score of 50+ on spamassassin, thats easy. Currently my 10 systems that are scanning if they score over 25 I am 100% sure it is spam. So just to be truly safe at 50 no doubt about it.
With 10 systems scanning 100's of thousands of messages a day this would take a large amount of load and processing time from the spam scanning servers.
Posts
|