Here is something that I've been toying with for a couple hours and I thought I'd pick people's brains to see if I'm just being crazy here.
I'd like to start up my own local DNSBL in Plesk's bare bones DNS tools. I've created a domain (blacklist.pessimists.net) and added A records for a few spammer domains that are pummeling Qmail at the moment. I added the "-r blacklist.pessimists.net" to the /etc/xinetd.d/smtp_psa file, and nada. I then tried wildcarding the domain with the same disappointing results.
Is this even possible?
DNSBL on plesk?
- Forum Regular
- Posts: 190
- Joined: Sun Nov 20, 2005 4:16 pm
- Location: Right Behind You!
-Andy
It is quite easy to do, but somewhat convoluted.
1) Create an A record: blacklist.yourdomain.com -> youripaddress
2) For each IP you want to block, add an A record with the IP backwards, plus blacklist.yourdomain.com, pointing to 127.0.0.2 (which is the universal-ish way to indicate a positive hit in a dnsbl).
For example if you want to block 1.2.3.4 you would have an A record like this:
4.3.2.1.blacklist.yourdomain.com A 127.0.0.2
(you can also add a TXT record for 4.3.2.1.blacklist.yourdomain.com saying "bog off spammer" or something.)
Then in your /etc/xinetd.d/smtp_psa you'd have -r blacklist.yourdomain.com
Job done.
(incidentally you can also use the same thing for a whitelist - just add "-a whitelist.yourdomain.com" in the smtp_psa and use whitelist instead of blacklist when adding the IP A records)
On this subject, would anyone like to educate me on how to use wildcards for blacklists, for the A records and the TXT records?
*.x.x.x.blacklist.yourdomain.com doesn't seem to work.
Maybe I should just leave off the last (first) digit completely?
Faris.
Yup, did all that. (Although I created a separate domain rather than just an A record to keep the DNS lists a bit separated.) The goal was to look for class C networks that sent a threshold of spam, say 5 a day (configurable) and blacklist them for 24 hours.
It was the wildcarding that I couldn't get working correctly. I suppose I could just add the naughty folks to the qgreylist blacklist. . .
-Andy
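An added example, not code from either poster: it combines the reversed-octet naming from Faris's post with the per-/24 threshold Andy describes, and writes one explicit A and TXT record per address so that no wildcard record is needed. The BIND-style record syntax, the "at least 5 events in the last 24 hours" reading of the threshold, the TXT text and the sample events are assumptions; regenerating the records on a schedule lets a network drop out once its events age past the window.

```python
import ipaddress
from collections import Counter
from datetime import datetime, timedelta

ZONE = "blacklist.yourdomain.com"  # zone name from the thread
HIT = "127.0.0.2"                  # "listed" answer from the thread

def dnsbl_name(ip, zone=ZONE):
    """Reverse the octets and append the zone: 1.2.3.4 -> 4.3.2.1.<zone>."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone

def networks_over_threshold(events, now, threshold=5, window=timedelta(hours=24)):
    """Return the /24 networks with at least `threshold` events inside `window`."""
    counts = Counter()
    for ts, ip in events:
        if now - window <= ts <= now:
            counts[ipaddress.ip_network(f"{ip}/24", strict=False)] += 1
    return sorted(net for net, n in counts.items() if n >= threshold)

def zone_records(net, zone=ZONE, txt="listed by local policy"):
    """One explicit A and TXT record per address in the /24 (no wildcard)."""
    lines = []
    for addr in net:  # iterating an IPv4Network yields all 256 addresses
        name = dnsbl_name(addr, zone)
        lines.append(f"{name}. IN A {HIT}")
        lines.append(f'{name}. IN TXT "{txt}"')
    return lines

# Constructed sample data (RFC 5737 documentation addresses, not real senders).
NOW = datetime(2024, 1, 2, 12, 0)
SAMPLE_EVENTS = (
    # five hits from 192.0.2.0/24 inside the window: listed
    [(NOW - timedelta(hours=h), f"192.0.2.{10 + h}") for h in range(5)]
    # four hits from 198.51.100.0/24: below the threshold
    + [(NOW - timedelta(hours=h), "198.51.100.7") for h in range(4)]
    # six hits from 203.0.113.0/24, but two are older than 24 hours
    + [(NOW - timedelta(hours=h), "203.0.113.9") for h in (1, 2, 3, 4, 30, 40)]
)

if __name__ == "__main__":
    for net in networks_over_threshold(SAMPLE_EVENTS, NOW):
        records = zone_records(net)
        print(f"; {net}: {len(records)} records")
        print("\n".join(records[:4]))
```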