-
December 3rd, 2004, 11:43 AM
#1
Junior Member
Syslog and sendmail - logging spam
Hi Guys
Have a linux box hosting a few sites, one of the sites has a domain name similar to a well known porn site and a spammer has taken to spoofing mail from his domain name in an attempt to sell meds and the usual.
The problem is that we receive mail message bounces back to randomalias@clientdomain.com , the volume of these means that syslog is using a lot of resources logging bounces from clientdomain.com and the logfiles it generates are huge. This pi**es me off.
What I really want is a way of entering "clientdomain.com" into the syslog or sendmail configuration and having it excluded from the logging process.
Can someone explain how to do this?
Regards
James
hirstys@gmail.com
-
December 3rd, 2004, 06:37 PM
#2
Syslog is too dumb to disclude NDR's about a specific domain AFAIK.
Sendmail will probably be in the same boat but you may be able to glue something together.
You may have to parse current log files and then rewrite them without lines containing
the NDR information for that domain or host.
Possible Helpful Links:
http://spamlinks.openrbl.org/filter-bounce.htm#cope
-
December 4th, 2004, 02:50 AM
#3
Banned
i know theres ways to block all traffic from a source.
-
December 4th, 2004, 04:38 AM
#4
Originally posted here by karmine
i know theres ways to block all traffic from a source.
NDRs about that domain could come from countless hosts depending on the delivering server.
Of couse there are ways to block traffic. Simply doing that then gets his router/firewall logs clogged with DENY entries and he is back to square one.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|