According to Domains and From Emails filtering |
Post Reply |
Author | |
Oleg Medvedev
Guest Group |
Post Options
Thanks(0)
Posted: 29 April 2004 at 3:04am |
As I noticed before, there is no ability in SpamFilter to filter connections by their domain name.
So I made batch file for Windows that scans SpamFilter's logfile and refreshes IPs database.
This batch uses some utilities from http://unxutils.sourceforge.net/. (sed.exe, uniq.exe, cut.exe)
It requires file named spam.dat, that contains something like:
======
\.ppp
\.client
dynam
\.dial
\.client
\.pool
\.ip\-
ip[0-9]
dsl
cable
======
As you noticed, it uses Regular Expressions.
So you can improve this file for your needs.
And here is batch itself:
===========
echo.>database.txt
rem take all the symbol names to be blacklisted by their IP
for /f "tokens=1,* delims= " %%a in (spam.dat) do sed -n "/%%a/p" %1>>database.txtdatabase.txt
rem take all the symbol names to be blacklisted by their IP
for /f "tokens=1,* delims= " %%a in (spam.dat) do sed -n "/%%a/p" %1>>database.txtdatabase.txt
rem take all the symbol names to be blacklisted by their IP
for /f "tokens=1,* delims= " %%a in (spam.dat) do sed -n "/%%a/p" %1>>database.txt>database.txt>database.txtdatabase.txtdatabase.txtrem select only DNS resolve strings
sed -n "s/.*Resolving \(.*\)/\1/p" database.txt>1.txt1.txt1.txtrem remove repeating strings
sort 1.txt>2.txt
uniq 2.txt>3.txt2.txt
uniq 2.txt>3.txt2.txt
uniq 2.txt>3.txt3.txt3.txtrem take only IPs without their DNS names
cut -d- -f 1 3.txt>4a.txt
cut -d- -f 2- 3.txt>4b.txt4a.txt
cut -d- -f 2- 3.txt>4b.txt4a.txt
cut -d- -f 2- 3.txt>4b.txt4b.txt4b.txtrem you can comment next line and replace it by copy 4a.txt 5.txt
sed "s/\.[0-9]* /.0/" 4a.txt>5.txt
rem previous line replaces last group in IP address by 05.txt
rem previous line replaces last group in IP address by 05.txt
rem previous line replaces last group in IP address by 0rem add new IPs to existing base
cat 5.txt BlacklistedIPs >6.txt6.txt6.txtrem remove dupes
sort 6.txt>7.txt
uniq 7.txt>8.txt7.txt
uniq 7.txt>8.txt7.txt
uniq 7.txt>8.txt8.txt8.txtrem form new base that can be copied to location, where SpamFilter set to.
ren 8.txt BlacklistedIPs
=========That's it.
I think it is easier to make copuple of white addresses instead of receiving tons of junk email to analyse its contents by text filters.
|
|
Oleg Medvedev
Guest Group |
Post Options
Thanks(0)
|
Hmm... looks like forum deleted all my single line breaks...Corrections to previous message:spam.dat has one entry per one line.batch file needs correction too. It needs to insert line breaks instead of unneeded spaces.if you interested, don't hesitate to contact me by email.
|
|
Dan B
Senior Member Joined: 09 February 2005 Location: United States Status: Offline Points: 105 |
Post Options
Thanks(0)
|
Oleg, Can you email me the batch file and the spam.dat files? I would like to see what our large log files will show. You can email me at funnyman____ at yahoo dot com those are (4 under scores) Thanks, Dan Blickensderfer |
|
Post Reply | |
Tweet
|
Forum Jump | Forum Permissions You cannot post new topics in this forum You cannot reply to topics in this forum You cannot delete your posts in this forum You cannot edit your posts in this forum You cannot create polls in this forum You cannot vote in polls in this forum |
This page was generated in 0.219 seconds.