Devdas Bhagat wrote:
On 24/09/06 16:50 +0300, Mario A. Spinthiras wrote:
Is there a way to implement RBL within an email client ? If so you dont
SpamAssassin or equivalent.
need much of the super duper applications written today to stop spam.
RBL usually works perfectly on mail servers. I dont see how it couldnt
DNSBLs are supposed to be used on MX hosts. anything beyond that leads
to accept, then bounce scenarios, or merely tagging as spam.
Devdas Bhagat
---------------------------------------------------------------------------
This list is sponsored by: Norwich University
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence
in Information Security. Our program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Using interactive e-Learning technology, you can earn this esteemed degree,
without disrupting your career or home life.
http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
Indeed i agree. Receiving and bouncing isnt necessarily a bad thing
though. I agree its a waste of bandwidth since your already downloading
the message. Today's world is full of high speed connections though so
doesnt really matter. Plus taking into consideration the fact that if
its a virus , an author will make the malicious code as small as
possible in order for the end-user-stupid-user to download it nice and
fast. That includes spam too. Spammers make the messages very crafty and
simple.
I have been working on a basic code to slowly develop into something
transparent for *nix users between the POP3 and the Email client. Code
is as below. Just to make some minds think. Its far from finished but it
will definitely inspire.
BEGIN CODE----------------------------------
#!/bin/sh
echo "[*] Spam Check Tool"
echo "[*] Mario A. Spinthiras (mario at netway dot com dot cy)"
echo ""
echo ""
if [ -z $1 ]; then
echo "Not enough parameters."
echo "Usage: $0 [host]";
echo ""
echo "Application Terminated!"
exit;
fi
echo "[*] Initializing Application..."
YESRBL="0"
NORBL="0"
RBLNUM="0"
RBLHOST=$1
FINALNUM="0"
RBLS="in.dnsbl.org sbl.spamhaus.org whois.rfc-ignorant.org
relays.ordb.org nonconfirm.mail-abuse.org dialups.mail-abuse.org
dnsbl.njabl.org dnsbl.sorbs.net list.dsbl.org multihop.dsbl.org
multihop.dsbl.org"
for i in $RBLS; do
RBLNUM=$(echo $RBLNUM + 1|bc -l)
done
echo "[*] RBL lists available: $RBLNUM"
echo "[*] Checking for mail servers."
OUTPUT=$(host -t MX $RBLHOST|awk '{ print $7 }'|sed -e 's/.$//g')
if [ -z "$OUTPUT" ]; then
echo "[*] Could not retreive mail servers for the requested domain."
echo "[*] Exiting."
exit;
fi
for g in $OUTPUT; do
FINALOUT="$g $FINALOUT"
done
echo "[*] Mail servers: $FINALOUT"
for i in $FINALOUT; do
FINALNUM=$(echo $FINALNUM + 1|bc -l)
done
echo "[*] Mail Servers to query: $FINALNUM"
echo "[*] Performing dns queries.."
for a in $FINALOUT; do
IPTEMP=""
IPTEMP=$(nslookup $a|grep Address|grep -v "#"|awk '{ print $2 }')
if [ -z "$IPTEMP" ]; then
echo "[*] Could not resolve mail server."
echo "[*] Exiting."
exit;
else
IPFINAL="$IPTEMP $IPFINAL"
IPTEMP=$(echo $IPTEMP|sed -e "s/^M//")
echo "[*] MX: $a is $IPTEMP"
IPFINAL=$(echo $IPFINAL|sed -e "s/^M//")
fi
done
echo "[*] Setting up RBL query..."
for t in $IPFINAL; do
PERFORM="$PERFORM $(echo $t|sed '/\n/!G;s/\(.\)\(.*\n\)/&\2\1/;//D;s/.//')"
done
echo "[*] Reverse Ready: $PERFORM"
echo "[*] Checking RBL lists..."
for v in $RBLS; do
for x in $PERFORM; do
QUERYRBL=""
QUERYRBL=$(nslookup $x.$v|grep Address|grep -v "#"|awk '{ print $2 }')
if [ -z "$QUERYRBL" ]; then
NORBL="$(echo "$NORBL +1"|bc -l)"
echo "[*] NO!: $v - ($(echo $x|sed
'/\n/!G;s/\(.\)\(.*\n\)/&\2\1/;//D;s/.//'))"
else
YESRBL="$(echo "$YESRBL +1"|bc -l)"
YESHOST="$(echo $YESHOST $x|sed '/\n/!G;s/\(.\)\(.*\n\)/&\2\1/;//D;s/.//')"
echo "[*] YES!: $v - ($(echo $x|sed
'/\n/!G;s/\(.\)\(.*\n\)/&\2\1/;//D;s/.//'))"
fi
done
done
echo "[*] Finished queries!"
echo "[*] Not Passed: $YESRBL"
echo "[*] Passed: $NORBL"
END CODE-----------------------------------------------
---------------------------------------------------------------------------
This list is sponsored by: Norwich University
EARN A MASTER OF SCIENCE IN INFORMATION ASSURANCE - ONLINE
The NSA has designated Norwich University a center of Academic Excellence
in Information Security. Our program offers unparalleled Infosec management
education and the case study affords you unmatched consulting experience.
Using interactive e-Learning technology, you can earn this esteemed degree,
without disrupting your career or home life.
http://www.msia.norwich.edu/secfocus
---------------------------------------------------------------------------
