Blog Rss FeedTo limit the number of reverse lookups on my dns servers, as well as on abuseeat.org, I use a local copy of their blacklist database. This list is freely accessible at rsync://rsync.cbl.abuseat.org/cbl/list.txt.
Every 12 hours I have a cron entry that launches a make to update all my databases. Here is an extract of this Makefile. As you can see in the Makefile, the latest version if the database is synchronized with rsync. Then cdbmake.py is run to build a cdb database. The cdb database created by Daniel J. Bernstein, acts as an on-disk associative array, mapping keys to values. The main characteristic of the databse is its speed. It takes only 2 disk access to retrieve the data.
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin: DBE=/disks/databases/exim cbl.txt.touch: touch cbl.txt.touch cbl.txt: rsync -t rsync://rsync.cbl.abuseat.org/cbl/list.txt $(DBE)/cbl.txt cbl.db: cbl.txt cbl.txt.touch cdbmake.py -v -f $(DBE)/cbl.txt @rm cbl.txt.touch
In order for exim to lookup in that database, I use the following rule.
check_rcpt:
...
deny message = Rejected - Blacklisted IP address check \
http://cbl.abuseat.org/lookup.cgi?ip=$sender_host_address \
for more info.
log_message = "Rejected - IP address found in internal cbl copy"
hosts = net-cdb;/disks/databases/exim/cbl.cdb
...
The list of blacklisted IP addresses given by abuseat.org is a text file. In order to have good performance lookup we transform this text file into a cdb database with this following python program.
#!/usr/bin/env python # Copyright (c) 2007, Fred C. Franquet # All rights reserved. # # Redistribution and use in source and binary forms, with or without # modification, are permitted provided that the following conditions are met: # * Redistributions of source code must retain the above copyright # notice, this list of conditions and the following disclaimer. # * Redistributions in binary form must reproduce the above copyright # notice, this list of conditions and the following disclaimer in the # documentation and/or other materials provided with the distribution. # * Neither the name of Fred C. Franquet nor the names of its contributors # may be used to endorse or promote products derived from this software # without specific prior written permission. # # THIS SOFTWARE IS PROVIDED BY FRED C. FRANQUET ``AS IS'' AND ANY # EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED # WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE # DISCLAIMED. IN NO EVENT SHALL <copyright holder> BE LIABLE FOR ANY # DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES # (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; # LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND # ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT # (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS # SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. import sys import re import cdb import getopt import os.path import time sep = re.compile(r':') usage = """Usage: cdbmake.py [-f filename | --file=filename] [-h | --help] print this message [-v] verbose, print statistics """ def main(): try: opts, args = getopt.getopt(sys.argv[1:], "hf:v", ["help", "file="]) except getopt.GetoptError: print usage sys.exit(2) filename = None verbose = False for o, a in opts: if o == '-v': verbose = True if o in ('-h', '--help'): print usage sys.exit() if o in ('-f', '--file'): filename = a # if filename is None: print usage sys.exit(1) # normalise differents file names infile = os.path.abspath(filename) cdw = os.path.dirname(infile) filename = os.path.splitext(os.path.basename(infile))[0] cdbfile = os.path.join(cdw, filename + '.cdb') tmpname = os.path.join(cdw, filename + '.tmp') if verbose: print "Input file: ", infile print "Output file: ", cdbfile print "Temp file: ", tmpname exectime = time.clock() maker = cdb.cdbmake(cdbfile, tmpname) try: fd = open(infile) except IOError, why: sys.stderr.write('%s\n' % str(why)) sys.exit(1) for line in fd.xreadlines(): if line[0] == '#': continue fields = sep.split(line[:-1]) if len(fields) == 1: maker.add(fields[0], '') elif len(fields) == 2: maker.add(fields[0], fields[1]) maker.finish() del(maker) if verbose: c = cdb.init(cdbfile) print "%s Keys inserted in %.2f sec" % (len(c), time.clock() - exectime) del(c) if __name__ == "__main__": main() sys.exit()
Comments
Posted by: gmt master ii Dec 07, 2009 @ 23:26
Great article! gmt master ii,welcome to choose at our web. Thanks!
Posted by: sell ugg ugg boots online ugg boots Dec 16, 2009 @ 16:56
[HTML_REMOVED]Chestnut UGG Bailey Button Boots [HTML_REMOVED] [HTML_REMOVED]Rose UGG Classic Cardy Boots[HTML_REMOVED] [HTML_REMOVED]Sand UGG Classic Mini Boots[HTML_REMOVED] [HTML_REMOVED]UGG Classic Argyle Knit whit 5879[HTML_REMOVED] [HTML_REMOVED]UGG 5822 Stripe Cable Knit Chocolate White[HTML_REMOVED] [HTML_REMOVED]Chestunt Genuine Australia classic Tall[HTML_REMOVED] [HTML_REMOVED]Sand UGG Ultra Short Boots[HTML_REMOVED] [HTML_REMOVED]Chestnut UGG Sundance Boots [HTML_REMOVED]
Posted by: Rc helicopters Dec 16, 2009 @ 20:12
ok Don't miss the chance to get these fun toys for your family, friends... and yourself! With a BIG DISCOUNT only in XMAS time! www.rcmodelhobby.com
Posted by: replica rolex Dec 28, 2009 @ 00:40
We are Rolex watch experts selling only the finest, top level
condition, and preowned men's and ladies' Rolex watches, used Rolex
watches, unused Rolex watches and new Rolex watches on the market. Our
top priority is to provide every customer with the highest quality
Rolex watch at the lowest price available. Browse our wide selection
of Rolexes for sale.
Posted by: replica watches Dec 29, 2009 @ 21:50
Our watches are all beautifully decorated stainless steel or 18k gold designer replica watches,perfectly fitted to you wirst ,once you wear our watch you will never look back ,Now I will show you some thing wonderful: Rolex Replica Watches, Corum Replica Watches, Dewitt Replica Watches, Rolex Replica Watches, Ferrari Replica Watches…………
Posted by: laptop battery Dec 30, 2009 @ 22:45
Everything will be all right,I am behind you.
Posted by: replica watches Jan 03, 2010 @ 21:27
We are Rolex watch experts selling only the finest, top level condition, and preowned men's and ladies' Rolex watches, used Rolex watches, unused Rolex watches and new Rolex watches on the market. Our top priority is to provide every customer with the highest quality Rolex watch at the lowest price available. Browse our wide selection of Rolexes for sale.
Posted by: china wholesale Jan 13, 2010 @ 23:56
The Internet. which was unfamiliar to human [HTML_REMOVED]china wholesale[HTML_REMOVED] beings is totally accepted by most of people. [HTML_REMOVED]wholesale china[HTML_REMOVED] Especially these days .it has been developing [HTML_REMOVED]dvd wholesale[HTML_REMOVED] faster and faster. people do not [HTML_REMOVED]dvd[HTML_REMOVED] have much time to do everything by themselves. So making full use of the Internet is a good way to color one'slife.
Posted by: film izle Jan 17, 2010 @ 04:48
Thank you for sharing your friends. Hope to see you another day.
Posted by: divx film izle Jan 17, 2010 @ 04:50
Thank you for sharing your friends. Hope to see you another day.
Posted by: links of london Jan 19, 2010 @ 00:30
once you wear our watch you will never look back ,Now I will show you some thing wonderful: Rolex Replica Watches,
Posted by: tiffany necklaces Jan 22, 2010 @ 01:19
But the groups do not want to marry[HTML_REMOVED]Tiffany Necklaces[HTML_REMOVED]They have their own rooms and cars Nearly half of More than two percent of people have private cars
Posted by: uvip33 Feb 05, 2010 @ 21:59
That’s something,That's what I was thinking.Brilliant idea.
Posted by: Nike Air Max Mar 04, 2010 @ 00:57
So beautiful sharing!Thank you very much.
Posted by: tag heuer watch Mar 04, 2010 @ 23:34
can show a man not only his wealthy but also his high taste.tag heuer watch As the society developed, many people are pay more attention to one's wearing than before, especially a watch. tag heuer watch If you are wearing a famous brand watch, people will look up you, also will love to do business with you. You will be a successful man with a such luxury fashion watch.
Posted by: Nike Air Max Mar 11, 2010 @ 19:16
Best wishes!Your blog is very good!
Posted by: omega moon watch Mar 11, 2010 @ 20:44
I recently came across your blog and have been reading along. I thought I would leave my first comment. I don't know what to say except that I have enjoyed reading. Nice blog. I will keep visiting this blog very often.
Posted by: Online Education Mar 13, 2010 @ 02:01
reading along. I thought I would leave my first comment. I don't know what to say except that I have enjoyed reading. Nice blog. I will keep visiting this blog very often.
Posted by: Degree Programs Mar 13, 2010 @ 02:02
would leave my first comment. I don't know what to say except that I have enjoyed reading. Nice blog. I will keep visiting this blog very often. http://www.worldwideacademics.com/programs/
Posted by: professions Mar 13, 2010 @ 02:03
say except that I have enjoyed reading. Nice blog. I will keep visiting this blog very often. http://www.worldwideacademics.com/programs/ [HTML_REMOVED]profession[HTML_REMOVED]
Posted by: Nike Air Max Mar 18, 2010 @ 02:49
It is so nice.
Posted by: Data Recovery Mar 29, 2010 @ 08:38
never easy
Posted by: Data Recovery Mar 29, 2010 @ 08:41
good capcha is the best method
Posted by: brand designer handbags Apr 07, 2010 @ 20:10
Here is the richest in the world and you can find your needs bring you harvest. yes brand designer handbags there is no other better place than here,in here you are with my natural beauty dvd brand designer handbags but also naturally pure green world. our homes brand designer handbags a share in the bar.God bless you!
Posted by: brand designer handbags Apr 07, 2010 @ 20:26
Here is the richest in the world and you can find your needs bring you harvest. yes brand designer handbags there is no other better place than here,in here you are with my natural beauty dvd brand designer handbags but also naturally pure green world. our homes brand designer handbags a share in the bar.God bless you!
Posted by: buy wholesale Apr 19, 2010 @ 00:20
It is good!