DonotAddIPToHoneypot wildcard |
Post Reply 
|
| Author | |
Shade 
Groupie 
Joined: 20 April 2006 Location: France Status: Offline Points: 48 |
 Post Options
 Thanks(0)
 Quote Reply
 Topic: DonotAddIPToHoneypot wildcardPosted: 07 July 2006 at 12:43pm |
|
Dear all,
I would like to permanently unban an IP class like 192.168.*.*, but with DoNotAddIPToHoneypot, it can't use wildcard...(I've try, it doesn't work) How to make it possible ? Thank you  |
|
 |
|
|
LogSat
Admin Group 
Joined: 25 January 2005 Location: United States Status: Offline Points: 4106 |
Post Options
Thanks(0)
Quote Reply
Posted: 07 July 2006 at 10:48pm |
|
Sorry Shade, but no wildcards are allowed in that entry.
...there is a "hack", but it's untested and unsupported. You can enter the IP: 192.168. As the match is based on a "ContainsText" function, if the string "192.168." is contained in the connecting IP address, it will trigger a match. Please note that the match would also trigger onany IP in the form "nnn.192.168.nnn" |
|
|
|
|
sgeorge
Senior Member 
Joined: 23 August 2005 Status: Offline Points: 178 |
Post Options
Thanks(0)
Quote Reply
Posted: 11 July 2006 at 1:25pm |
|
Just fyi, I myself attempted the hack today, and it didn't appear to work on version 2.07.1.532 (Unregistered).
Like you said, it's an untested and unsupported technique, so I'm not disappointed. I'm just curious if the functionality has changed in more recent versions of SpamFilter. Thanks, Stephen |
|
|
|
|
Marco
Senior Member
Joined: 07 June 2005 Location: Netherlands Status: Offline Points: 137 |
Post Options
Thanks(0)
Quote Reply
Posted: 14 July 2006 at 10:46am |
|
cant you use the keyword whitelist with the line: < Received: from 192.168.*.* by mail.yourdomain.com > ? Ofcourse one should use a regex, but im not into regex :)
|
|
|
Anyone who is capable of getting himself made president, should on no account be allowed to do the job. D.Adams
|
|
|
|
|
sgeorge
Senior Member
Joined: 23 August 2005 Status: Offline Points: 178 |
Post Options
Thanks(0)
Quote Reply
Posted: 14 July 2006 at 4:42pm |
|
Well, I think that the most efficient way to whitelist such an ip range would be to use the Excluded Domains / IPs white list tab.
But really, what shade is trying to do is not to whitelist a range of ips.. but to prevent them from being blacklisted - so that some email from the domain can get through - even if it's blacklisted by MAPS, honeypot, or ip cache. Sounds a little odd, but the critical difference is that... instead of treating 100% of the email from the i.p. range to be legitiimiate (whitelisted), to instead scrutinize the mail based on all filters except for those that block based on the i.p. By adding i.p. to the DoNotAddIPToHoneypot list, you can still block email from that i.p. on a case-by-case basis, through filters like keywords, bayesian, from/to email addresses, SURBL matches, etc. Stephen |
|
|
|
|
WebGuyz
Senior Member
Joined: 09 May 2005 Location: United States Status: Offline Points: 348 |
Post Options
Thanks(0)
Quote Reply
Posted: 14 July 2006 at 6:25pm |
|
Good question. I too am trying an experiment to force feed some spam to SF but don't want the server I'm using to become rejected by the blacklist cache. Can't whitelist the IP because then then it would defeat the purpose of the experiment. Right now I'm sending a spam every 5 minutes to get around my sf .ini settings of blacklisting the IP if I get more than 4 spams in 10 minutes. Thanks! |
|
|
http://www.webguyz.net
|
|
|
|
Topic Options|
Post Reply
|
|
Tweet
|
| Forum Jump | Forum Permissions You cannot post new topics in this forum You cannot reply to topics in this forum You cannot delete your posts in this forum You cannot edit your posts in this forum You cannot create polls in this forum You cannot vote in polls in this forum |
This page was generated in 0.391 seconds.