Daemon monitoring the spamd logfile and doing DNS-BL lookups for the connecting hosts using spamdb for trapping those listed in one of the configured black lists.

Markus Hennecke 204f4d0e07 Adapt to latest log.[ch] changes in OpenBSD base 2 سال پیش
.gitignore 68ece0671e Initial commit. 5 سال پیش
Makefile 1154fb5452 Add correct MANDIR definition 3 سال پیش
README.md 040aa13c1e Fix config example 5 سال پیش
dnsbl.c 204f4d0e07 Adapt to latest log.[ch] changes in OpenBSD base 2 سال پیش
dnsbl.h 37a638b815 Drop privileges in child processes 5 سال پیش
log.c 204f4d0e07 Adapt to latest log.[ch] changes in OpenBSD base 2 سال پیش
log.h 204f4d0e07 Adapt to latest log.[ch] changes in OpenBSD base 2 سال پیش
parser.y 68ece0671e Initial commit. 5 سال پیش
spamd-dnsbld.8 9148344b1c Add man pages 5 سال پیش
spamd-dnsbld.conf 68ece0671e Initial commit. 5 سال پیش
spamd-dnsbld.conf.5 2210514a8e Add unveil(2) calls 5 سال پیش
spamd_dnsbld.rc 68ece0671e Initial commit. 5 سال پیش

README.md

spamd-dnsbld

Daemon watching the spamd log file and querying DNS blacklists if new entries are created automatically, grey trapping those hosts that were found offensive.

Configuration Example

set autowhitelist off
spamd logfile "/var/log/spamd"
list "spamhaus" has dns "zen.spamhaus.org"
list "spamcop" has dns "bl.spamcop.net"

Function description

The default is to not whitelist entries if none of the configured DNS-BLs have the connecting IP address listed.

The logfile is opened and monitored for new lines. If a line is found matching a spamd entry with an IP address and the string "connected" the daemon forks and does a DNS lookup on all the configured lists. The first of those lookups returning an address starting with 127.0.x.x that address is fed to spamdb by executing /usr/sbin/spamdb -t -a ${ip}. If there is no match and the autowhitelist setting is on the IP is whitelisted by calling /usr/sbin/spamdb -a ${ip}. In case of that setting beeing off nothing is done and spamd can use the normal grey listing process.

Logging

If not started in foreground mode the daemon will daemonize and log to syslog. It comes handy to have the daemon log into it's own logfile adding these lines to /etc/syslog.conf:

!!spamd-dnsbl
daemon.*						/var/log/spamd-dnsbl
!*

The same can be done for the spamd log, pointing the logfile in the config file to that location. The logfile can be rotated automatically with this setting in /etc/newsyslog.conf:

/var/log/spamd-dnsbl	root:wheel	600   3     *    $M1D1 Z