Spam Filter ISP Support Forum

  New Posts New Posts RSS Feed - According to Domains and From Emails filtering
  FAQ FAQ  Forum Search   Register Register  Login Login

According to Domains and From Emails filtering

 Post Reply Post Reply
Author
Oleg Medvedev View Drop Down
Guest Group
Guest Group
Post Options Post Options   Thanks (0) Thanks(0)   Quote Oleg Medvedev Quote  Post ReplyReply Direct Link To This Post Topic: According to Domains and From Emails filtering
    Posted: 29 April 2004 at 3:04am
As I noticed before, there is no ability in SpamFilter to filter connections by their domain name. So I made batch file for Windows that scans SpamFilter's logfile and refreshes IPs database. This batch uses some utilities from http://unxutils.sourceforge.net/. (sed.exe, uniq.exe, cut.exe) It requires file named spam.dat, that contains something like: ====== \.ppp \.client dynam \.dial \.client \.pool \.ip\- ip[0-9] dsl cable ====== As you noticed, it uses Regular Expressions. So you can improve this file for your needs. And here is batch itself: =========== echo.>database.txt rem take all the symbol names to be blacklisted by their IP for /f "tokens=1,* delims= " %%a in (spam.dat) do sed -n "/%%a/p" %1>>database.txtdatabase.txt rem take all the symbol names to be blacklisted by their IP for /f "tokens=1,* delims= " %%a in (spam.dat) do sed -n "/%%a/p" %1>>database.txtdatabase.txt rem take all the symbol names to be blacklisted by their IP for /f "tokens=1,* delims= " %%a in (spam.dat) do sed -n "/%%a/p" %1>>database.txt>database.txt>database.txtdatabase.txtdatabase.txt

rem select only DNS resolve strings sed -n "s/.*Resolving \(.*\)/\1/p" database.txt>1.txt1.txt1.txt

rem remove repeating strings sort 1.txt>2.txt uniq 2.txt>3.txt2.txt uniq 2.txt>3.txt2.txt uniq 2.txt>3.txt3.txt3.txt

rem take only IPs without their DNS names cut -d- -f 1 3.txt>4a.txt cut -d- -f 2- 3.txt>4b.txt4a.txt cut -d- -f 2- 3.txt>4b.txt4a.txt cut -d- -f 2- 3.txt>4b.txt4b.txt4b.txt

rem you can comment next line and replace it by copy 4a.txt 5.txt sed "s/\.[0-9]* /.0/" 4a.txt>5.txt rem previous line replaces last group in IP address by 05.txt rem previous line replaces last group in IP address by 05.txt rem previous line replaces last group in IP address by 0

rem add new IPs to existing base cat 5.txt BlacklistedIPs >6.txt6.txt6.txt

rem remove dupes sort 6.txt>7.txt uniq 7.txt>8.txt7.txt uniq 7.txt>8.txt7.txt uniq 7.txt>8.txt8.txt8.txt

rem form new base that can be copied to location, where SpamFilter set to. ren 8.txt BlacklistedIPs =========

That's it. I think it is easier to make copuple of white addresses instead of receiving tons of junk email to analyse its contents by text filters.
Back to Top
Oleg Medvedev View Drop Down
Guest Group
Guest Group
Post Options Post Options   Thanks (0) Thanks(0)   Quote Oleg Medvedev Quote  Post ReplyReply Direct Link To This Post Posted: 29 April 2004 at 3:21am
Hmm... looks like forum deleted all my single line breaks...

Corrections to previous message:

spam.dat has one entry per one line.

batch file needs correction too. It needs to insert line breaks instead of unneeded spaces.

if you interested, don't hesitate to contact me by email.
Back to Top
Dan B View Drop Down
Senior Member
Senior Member
Avatar

Joined: 09 February 2005
Location: United States
Status: Offline
Points: 105
Post Options Post Options   Thanks (0) Thanks(0)   Quote Dan B Quote  Post ReplyReply Direct Link To This Post Posted: 30 April 2004 at 11:23pm

Oleg,

Can you email me the batch file and the spam.dat files?  I would like to see what our large log files will show.  You can email me at funnyman____ at yahoo dot com  those are (4 under scores)

Thanks,

Dan Blickensderfer

Back to Top
 Post Reply Post Reply
  Share Topic   

Forum Jump Forum Permissions View Drop Down



This page was generated in 0.127 seconds.