DonotAddIPToHoneypot wildcard
Printed From: LogSat Software
Category: Spam Filter ISP
Forum Name: Spam Filter ISP Support
Forum Description: General support for Spam Filter ISP
URL: https://www.logsat.com/spamfilter/forums/forum_posts.asp?TID=5707
Printed Date: 16 December 2025 at 7:12pm
Topic: DonotAddIPToHoneypot wildcard
Posted By: Shade
Subject: DonotAddIPToHoneypot wildcard
Date Posted: 07 July 2006 at 12:43pm
|
Dear all, I would like to permanently unban an IP class like 192.168.*.*, but with DoNotAddIPToHoneypot, it can't use wildcard...(I've try, it doesn't work) How to make it possible ? Thank you  |
Replies:
Posted By: LogSat
Date Posted: 07 July 2006 at 10:48pm
|
Sorry Shade, but no wildcards are allowed in that entry. ...there is a "hack", but it's untested and unsupported. You can enter the IP: 192.168. As the match is based on a "ContainsText" function, if the string "192.168." is contained in the connecting IP address, it will trigger a match. Please note that the match would also trigger onany IP in the form "nnn.192.168.nnn" ------------- Roberto Franceschetti http://www.logsat.com" rel="nofollow - LogSat Software http://www.logsat.com/sfi-spam-filter.asp" rel="nofollow - Spam Filter ISP |
Posted By: sgeorge
Date Posted: 11 July 2006 at 1:25pm
|
Just fyi, I myself attempted the hack today, and it didn't appear to work on version 2.07.1.532 (Unregistered). Like you said, it's an untested and unsupported technique, so I'm not disappointed. I'm just curious if the functionality has changed in more recent versions of SpamFilter. Thanks, Stephen |
Posted By: Marco
Date Posted: 14 July 2006 at 10:46am
|
cant you use the keyword whitelist with the line: < Received: from 192.168.*.* by mail.yourdomain.com > ? Ofcourse one should use a regex, but im not into regex :)
------------- Anyone who is capable of getting himself made president, should on no account be allowed to do the job. D.Adams |
Posted By: sgeorge
Date Posted: 14 July 2006 at 4:42pm
|
Well, I think that the most efficient way to whitelist such an ip range would be to use the Excluded Domains / IPs white list tab. But really, what shade is trying to do is not to whitelist a range of ips.. but to prevent them from being blacklisted - so that some email from the domain can get through - even if it's blacklisted by MAPS, honeypot, or ip cache. Sounds a little odd, but the critical difference is that... instead of treating 100% of the email from the i.p. range to be legitiimiate (whitelisted), to instead scrutinize the mail based on all filters except for those that block based on the i.p. By adding i.p. to the DoNotAddIPToHoneypot list, you can still block email from that i.p. on a case-by-case basis, through filters like keywords, bayesian, from/to email addresses, SURBL matches, etc. Stephen |
Posted By: WebGuyz
Date Posted: 14 July 2006 at 6:25pm
|
Good question. I too am trying an experiment to force feed some spam to SF but don't want the server I'm using to become rejected by the blacklist cache. Can't whitelist the IP because then then it would defeat the purpose of the experiment. Right now I'm sending a spam every 5 minutes to get around my sf .ini settings of blacklisting the IP if I get more than 4 spams in 10 minutes. Thanks! ------------- http://www.webguyz.net |