Hacking GeoIP.dat |
Post Reply 
|
| Author | |
sgeorge 
Senior Member 
Joined: 23 August 2005 Status: Offline Points: 178 |
 Post Options
 Thanks(0)
 Quote Reply
 Topic: Hacking GeoIP.datPosted: 18 July 2006 at 11:37am |
|
I have a very odd request. I would like to have my own country (wouldn't we all!).
 Actually, I just want SpamFilter to think that I have my own country - I want to add a custom entry into the country filter blacklist. I want this pseudo-country to supposedly have every i.p. address on the internet, minus one, let's call it 123.123.123.123. By blacklisting this "country" and turning on the country filter for only one of my domains, I can effectively make it so that that domain only accepts email from a single sending i.p. address, while my other domains can rely on the more conventionally used IP Blacklist.Is this possible? Does anyone know how to mess with the i.p. -> country mapping file, GeoIP.dat? Thanks for putting up with my weirdness.  Stephen Edited by sgeorge |
|
 |
|
|
StevenJohns
Senior Member
Joined: 03 August 2006 Status: Offline Points: 119 |
Post Options
Thanks(0)
Quote Reply
Posted: 31 August 2006 at 5:43am |
|
answering a question with a question !!!! Does the keyword filtering check the headers as well??? If so, could you write a regex that checks the recieving domain and also checks that the email was recieved from the IP in question? Again, I dont know if the keyword searches the headers, and I dont know how to write regex, but maybe it could be done. just a thought. |
|
|
|
|
LogSat
Admin Group 
Joined: 25 January 2005 Location: United States Status: Offline Points: 4106 |
Post Options
Thanks(0)
Quote Reply
Posted: 31 August 2006 at 8:09am |
|
To answer the headers question, only the "Received:" headers are scanned. We were seing way too many false positives by scanning all other headers...
|
|
|
|
|
StevenJohns
Senior Member
Joined: 03 August 2006 Status: Offline Points: 119 |
Post Options
Thanks(0)
Quote Reply
Posted: 31 August 2006 at 9:38am |
|
Does that suggest that the keyword filter wouldn't know what the recieving domain is ??
|
|
|
|
|
LogSat
Admin Group
Joined: 25 January 2005 Location: United States Status: Offline Points: 4106 |
Post Options
Thanks(0)
Quote Reply
Posted: 31 August 2006 at 3:51pm |
|
Correct. The keyword filter just scans the email body and subject for keywords. Other filters who act on the recipient will know what the receiving domain is.
|
|
|
|
|
StevenJohns
Senior Member
Joined: 03 August 2006 Status: Offline Points: 119 |
Post Options
Thanks(0)
Quote Reply
Posted: 01 September 2006 at 5:30am |
|
err, ok..."other filters"....please elaborate.
|
|
|
|
|
LogSat
Admin Group
Joined: 25 January 2005 Location: United States Status: Offline Points: 4106 |
Post Options
Thanks(0)
Quote Reply
Posted: 01 September 2006 at 10:27am |
|
I'm not sure what you're asking...
For example the whitelist "Email FROM" filter looks at the recipient to see it's domain. The County blacklist filter doesn't care about the recipient's domain, so it will not look at it. Filters that look incontent, like the keywords, SURBL, and Bayesian filters, do not look at neither senders nor recipients. Each filter acts upon something. Sometimes it's the sender's domain. Sometime it's the sender's IP. Sometime it's the recipient's email, etc. |
|
|
|
Topic Options|
Post Reply
|
|
Tweet
|
| Forum Jump | Forum Permissions You cannot post new topics in this forum You cannot reply to topics in this forum You cannot delete your posts in this forum You cannot edit your posts in this forum You cannot create polls in this forum You cannot vote in polls in this forum |
This page was generated in 0.211 seconds.