spamd-dnsbld

spamd-dnsbld

Daemon watching the spamd log file and querying DNS blacklists if new entries are created automatically, grey trapping those hosts that were found offensive.

Configuration Example

set autowhitelist off
spamd logfile "/var/log/spamd"
list "spamhaus" has dns "zen.spamhaus.org"
list "spamcop" has dns "bl.spamcop.net"

Function description

The default is to not whitelist entries if none of the configured DNS-BLs have the connecting IP address listed.

The logfile is opened and monitored for new lines. If a line is found matching a spamd entry with an IP address and the string "connected" the daemon forks and does a DNS lookup on all the configured lists. The first of those lookups returning an address starting with 127.0.x.x that address is fed to spamdb by executing /usr/sbin/spamdb -t -a ${ip}. If there is no match and the autowhitelist setting is on the IP is whitelisted by calling /usr/sbin/spamdb -a ${ip}. In case of that setting beeing off nothing is done and spamd can use the normal grey listing process.

Logging

If not started in foreground mode the daemon will daemonize and log to syslog. It comes handy to have the daemon log into it's own logfile adding these lines to /etc/syslog.conf:

!!spamd-dnsbl
daemon.*						/var/log/spamd-dnsbl
!*

The same can be done for the spamd log, pointing the logfile in the config file to that location. The logfile can be rotated automatically with this setting in /etc/newsyslog.conf:

/var/log/spamd-dnsbl	root:wheel	600   3     *    $M1D1 Z