spamip/README.md
2019-08-30 18:44:36 +02:00

1.9 KiB

spamip

spamip is a command line tool that adds an IP to a bind zone file in DNSBL format

Getting Started

All you need is a file with this header, in my cast it's located in /var/bind/pri/localhost.zone

$TTL 1W
@       IN      SOA     localhost. root.localhost.  (
                                      2009121301 ; Serial
                                      28800      ; Refresh
                                      14400      ; Retry
                                      604800     ; Expire - 1 week
                                      86400 )    ; Minimum
@               IN      NS      localhost.
@               IN      A       127.0.0.1

@               IN      AAAA    ::1
;------------------------------------------------------------------
2.0.0.127       IN      A       127.0.0.2
                IN      TXT     "example.com test record"
3.0.0.127       IN      A       127.0.0.3
                IN      TXT     "example.com verified spam source"
10.0.0.127      IN      A       127.0.0.10
                IN      TXT     "example.com confirmed DUL range"
;------------------------------------------------------------------

and this part appended to your /etc/bind/named.conf

zone "localhost" IN {
        type master;
        file "pri/localhost.zone";
        notify no;
};

Then check your message source (in Thunderbird that's CTRL+U) for the spammer's IP you'd like to block and write spamip add 1.2.3.4 where 1.2.3.4 would be the spammer's IPv4 address.

and finally reload bind (systemctl reload named.service or bind9.service or bind.service)

The postfix part is simple:

smtpd_recipient_restrictions =
        reject_unknown_sender_domain,
        reject_unknown_recipient_domain,
        reject_non_fqdn_sender, 
        reject_unauth_pipelining,
        permit_mynetworks,
        permit_sasl_authenticated,
        reject_unauth_destination,
        reject_rbl_client localhost

et vóila, your own DNSBL.

Licence

MIT