Franks tools for living with Qmail
To start things off, I must recommend that any Qmail admin replace the standard qmail-smtpd with Qpsmtpd, basically a perl-based drop-in replacement. I have found it to be invaluable to the reduction of SPAM coming into my domains. To fight SPAM, I find alot of text processing needs to be done. What processes text better than perl?
- hnbl - HostName BlackList, formerly named "check_hostbyREname" (which was a very ugly name). This is a plugin to qpsmtpd which will disconnect incoming SMTP connections based on the remote hosts's DNS name. For example (my current top offenders):
-
.*\.client\.comcast\.net$
-
^pcp\d+pcs\..*\.comcast\.net$
-
.*\d{1,3}-\d{1,3}-\d{1,3}-\d{1,3}.*\.rr\.com$
-
.*\.client2\.attbi\.com$
-
^adsl-\d{1,3}-\d{1,3}-\d{1,3}-\d{1,3}\.dsl\.[a-z0-9]{4,8}\.(pac|sw)bell\.net$
- (Yet another) check_goodrcptto - Another qpsmtpd plugin. Uses a static config file to accept only specific aliases for a domain. useful during random_chars@example.com type joe-jobs to bounce the bounces.
Update: d'oh! I was informed by Guillaume on the list that someone already wrote the same thing so this is just a reinvention of the wheel. The 'original' can be found here
- report_mail_current_DNS.sh - simple shell script to report SMTP connects without reverse DNS names.
- report_mail_current_RE.sh - simple shell script to report SMTP connects that were booted by hnbl. (RE == Regular Expression)
- syslogtail.pl - less-simple perl script that displays filtered system logs in terminal colors for easy real-time scanning.
Requires Time::TAI64 v1.7 (available here(not mine), newer versions are too confusing for me) and Term::ANSIColor which you can safely pick up at CPAN.
There may be bugs. If you find one, lemme know.
<ratty at they dot org>
Back to my software