No Description

Darko Luketic c0953419d2 go mod & remove add command 1 year ago
.gitignore 7dfe464f2e initial 1 year ago
LICENSE 7dfe464f2e initial 1 year ago
README.md 39b9656baa readme 1 year ago
go.mod c0953419d2 go mod & remove add command 1 year ago
go.sum c0953419d2 go mod & remove add command 1 year ago
main.go c0953419d2 go mod & remove add command 1 year ago

README.md

spamip

spamip is a command line tool that adds an IP to a bind zone file in DNSBL format

Installing

go get github.com/dalu/spamip
go install github.com/dalu/spamip

Getting Started

All you need is a file with this header, in my cast it's located in /var/bind/pri/localhost.zone

$TTL 1W
@       IN      SOA     localhost. root.localhost.  (
                                      2009121301 ; Serial
                                      28800      ; Refresh
                                      14400      ; Retry
                                      604800     ; Expire - 1 week
                                      86400 )    ; Minimum
@               IN      NS      localhost.
@               IN      A       127.0.0.1

@               IN      AAAA    ::1
;------------------------------------------------------------------
2.0.0.127       IN      A       127.0.0.2
                IN      TXT     "example.com test record"
3.0.0.127       IN      A       127.0.0.3
                IN      TXT     "example.com verified spam source"
10.0.0.127      IN      A       127.0.0.10
                IN      TXT     "example.com confirmed DUL range"
;------------------------------------------------------------------

and this part appended to your /etc/bind/named.conf

zone "localhost" IN {
        type master;
        file "pri/localhost.zone";
        notify no;
};

Then check your message source (in Thunderbird that's CTRL+U) for the spammer's IP you'd like to block and write spamip add 1.2.3.4 where 1.2.3.4 would be the spammer's IPv4 address.

and finally reload bind (systemctl reload named.service or bind9.service or bind.service)

The postfix part is simple:

smtpd_recipient_restrictions =
        reject_unknown_sender_domain,
        reject_unknown_recipient_domain,
        reject_non_fqdn_sender, 
        reject_unauth_pipelining,
        permit_mynetworks,
        permit_sasl_authenticated,
        reject_unauth_destination,
        reject_rbl_client localhost

et vóila, your own DNSBL.

Licence

MIT