
RE: Own db of blocked IPs




BIND 9 apparently has support for alternative backends, though I have no idea
how well they work, or how much C coding would be required to get it working
with your system... BIND may be the most popular DNS server out there, and may
have the most features, but it may not be the best for this purpose... Its
extensive security, distribution and other advanced features likely won't be
necessary.. (I don't think they are necessary for 95% of the systems running
BIND anyway....)

There are a number of existing alternates to BIND which support SQL backends,
but unless you happen to be using the same schema, they may or may not be able
to just read your DB.

I see that there is a Perl DNS server module...

http://www.stanford.edu/~riepel/lbnamed/Stanford-DNSserver/DNSserver.html

Making your own DNS server with a hundred-line Perl script might be the path of
least resistance.

Quoting Marek Kowal <marek.kowal@portal.onet.pl>:

> Thanks for the prompt replies.
>
> If I am to go to the RBL, I need to have the DNS which can use the SQL
> database as the source of records. I have (really!) about 10 seconds from
> the detection of "tricky" IP to the next connection attempt, and during that
> time my DNS needs to start to serve those IPs as blocked.
>
> Any ideas?
>
> Cheers,
> .m
>
> -----Original Message-----
> From: Carlos G Mendioroz [mailto:tron@huapi.ba.ar]
> Sent: Tuesday, January 27, 2004 9:59 PM
> To: Marek Kowal
> Cc: ZMailer list
> Subject: Re: Own db of blocked IPs
>
> Sounds like using RBL scheme is the easiest way to go...
> just set up a DNS server serving your blocked IPs !
>
> Marek Kowal wrote:
>
>> Hi there, I have an external DB of the IPs to be blocked. It is very
>> dynamic (up to 100 new entries per minute) and centralized - many servers
>> should use it. So the standard Zmailer mechanisms of static blocked IPs
>> are - I guess - no good to me. I am running out of time, so please, help
>> me with the following: where in the smtpserver should I implement my
>> lookup so that I can discard the connection in either of the places:
>>
>> - in main smtpserver process, after accept() and before the fork
>> - in the child smtpserver process
>>
>> Please, help me if you can (and I know you do!) ;-) In the meantime I am
>> digging through the sources myself.
>>
>> Cheers,
>> Marek
>> -
>> To unsubscribe from this list: send the line "unsubscribe zmailer" in
>> the body of a message to majordomo@nic.funet.fi
>>
>>
>
> --
> Carlos G Mendioroz  <tron@huapi.ba.ar>  LW7 EQI  Argentina

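The lookup step behind the RBL-from-SQL idea discussed in this thread, as an added example that is not code from any poster or from ZMailer: it maps a DNSBL query name to an IP, checks it against the database on every query, and answers with a short TTL so a new entry is served within the 10-second window. The zone name, table schema, TTL and function names are assumptions, SQLite stands in for the external database, and the DNS wire protocol (for instance the Perl module linked above) is left out.

```python
import re
import sqlite3

ZONE = "bl.example.invalid"   # assumed DNSBL zone name
LISTED_A = "127.0.0.2"        # conventional DNSBL "listed" answer
TTL = 5                       # seconds, below the 10 s window; the zone's
                              # negative-caching TTL must be equally short

def open_db():
    # Constructed schema; a real deployment would query the existing DB.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE blocked (ip TEXT PRIMARY KEY)")
    return db

def qname_to_ip(qname, zone=ZONE):
    """Map '4.3.2.1.<zone>' to '1.2.3.4'; return None for anything else."""
    name = qname.rstrip(".").lower()
    suffix = "." + zone.lower()
    if not name.endswith(suffix):
        return None
    labels = name[: -len(suffix)].split(".")
    if len(labels) != 4:
        return None
    octets = []
    for label in labels:
        if not re.fullmatch(r"[0-9]{1,3}", label) or int(label) > 255:
            return None
        octets.append(str(int(label)))
    return ".".join(reversed(octets))

def answer(db, qname):
    """Return (rcode, address, ttl) for an A query; no in-process cache."""
    ip = qname_to_ip(qname)
    if ip is None:
        return ("NXDOMAIN", None, TTL)
    # Parameterised query: the name comes straight from the network.
    row = db.execute("SELECT 1 FROM blocked WHERE ip = ?", (ip,)).fetchone()
    return ("NOERROR", LISTED_A, TTL) if row else ("NXDOMAIN", None, TTL)

def block(db, ip):
    db.execute("INSERT OR IGNORE INTO blocked (ip) VALUES (?)", (ip,))
    db.commit()

if __name__ == "__main__":
    db = open_db()
    q = "7.113.0.203." + ZONE       # constructed query for 203.0.113.7
    print(answer(db, q))            # not listed yet
    block(db, "203.0.113.7")
    print(answer(db, q))            # listed on the very next query
```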