This is in ref. with "A MIMEDefang filter to block spam, mail forging, adding boilerplates, smtp dictionary attacks"


Few Things that I had not mentioned clearly in the above post:
The filter DOES accept the first spam mail from any ip address, adds boilerplate ("the ip has got banned please contact admin in case of any issues...") and then sends it to the recipient.
Then it adds the ip into the database and the next time when spammer tries to connect to the server, it simply rejects the spammer.

This is the default behavior so that false alert should not ban the genuine user forever. This way the filter will become more and more mature as and when new ip addresses are banned.

But yes, If you want this action to be changed to:

"Discarding the first spam message from certain ip address too"
then I would suggest following change in the code:

------------------------Original code snippet---------

my($hits, $req, $names, $report) = spam_assassin_check();
action_change_header("X-Spam-Score","$hits :: $names ");
if (($hits > 10 ) && (!&ISMYIP($RelayAddr))) {
my $dbh = DB_CONNECT();
my $ath = $dbh->prepare(qq{insert into `blockedip` values('$RelayAddr')});
$ath->execute();
$ath->finish();

$dbh->disconnect();
$BOILit = "This is a Spammer $RelayAddr so it has got banned. Contact admin if any issues " ;

}
append_text_boilerplate($entity, "$BOILit ", 0);

}
# DO NOT delete the next line, or Perl will complain.
1;


------------------------Suggested code snippet---------

my($hits, $req, $names, $report) = spam_assassin_check();
action_change_header("X-Spam-Score","$hits :: $names ");
if (($hits > 10 ) && (!&ISMYIP($RelayAddr))) {
my $dbh = DB_CONNECT();
my $ath = $dbh->prepare(qq{insert into `blockedip` values('$RelayAddr')});
$ath->execute();
$ath->finish();

$dbh->disconnect();
$BOILit = "SpAmMeR";
}
if ($BOILit ne "SpAmMeR") {
append_text_boilerplate($entity, "$BOILit ", 0);
} else {
action_discard();
}
}
# DO NOT delete the next line, or Perl will complain.
1;


############################
#CODE ENDED HERE
############################

Few more things that users keep on asking me:

1) About Boiler Plate Data:
These boiler plates are to be added manually and they are not added automatically.
Each mail account can have his /her own boiler plate.
Don't use this as a signature because this costs cpu power and other resources.
This is to be added as per the "Organizational role played by the mail account holder". Thats defined by the organizational policies in most cases.

2) Currently there are no tools to add or remove mail ids, blocked ips, boiler plates or for any data manipulation in the database.

3) About further developments of this basic simple filter:
Hmmm..
I am seriously thinking of creating A GPL based complete spam protection suit. Which would use:
i) SpamAssassin
ii) MIMEDefang
iii) Apache for web based administration
iv) MySQL
v) PHP as a development language for web based control panel.
vi) A MIMEDefang filter to bring i, ii, iv and sendmail together.
AND
vii) Most Important SENDMAIL!

I would appreciate if some one can suggest me features that should be included.

Hey, but I have not promised that I will be doing all of the above though I would be very much happy if I can.




- Aniruddha Thombre
<a href="http://www.aniruddhas.com/" target="_blank">- Aniruddha Thombre</a>

MySQL Replication made simple

Edit /etc/my.cnf on Primary / Master MySQL server from which you want to replicate the data
to add following lines:
------------------------------------------------------
#Name of Binary log File Which has to be provided to slave server too.
log-bin=mysql-bin.log

#Name of the database which you want to replicate or the one which you dont want to be replicated.
binlog-do-db=replicatethisdb
binlog-ignore-db=dontreplicatedb

#Unique server id (Unique among all replication master / slaves)
server-id=1
------------------------------------------------------

---------------------------------------------------------------------
Sample MySQL Configuration file On the Master:
/etc/my.cnf
---------------------------------------------------------------------
[mysqld]
datadir=/var/lib/mysql
socket=/var/lib/mysql/mysql.sock
log-bin=mysql-bin.log
binlog-do-db=replicatethisdb
binlog-ignore-db=mysql

server-id=1

[mysql.server]
user=mysql
basedir=/var/lib

[mysqld_safe]
log-error=/var/log/mysqld.log
pid-file=/var/run/mysqld/mysqld.pid
---------------------------------------------------------------------


restart mysql on server

Connect to the mysql server:-

mysql -u root -p

Execute following:-

GRANT REPLICATION SLAVE ON *.* TO 'slave'@'remote.hostname' IDENTIFIED BY '<some_password>';
FLUSH TABLES WITH READ LOCK;

#You need to say *.* not replicatethisdb.* as REPLICATION is an administrative right.


SHOW MASTER STATUS;

 +------------------+----------+----------------+------------------+
| File             | Position | Binlog_Do_DB    | Binlog_Ignore_DB |
+------------------+----------+-----------------+------------------+
| mysql-bin.000001 |       98 | replicatethisdb |  mysql           |
+------------------+----------+-----------------+------------------+

#Record filename and Position in above table.


on slave edit in /etc/my.cnf to add :

server-id=2
master-host = my.masterhostip.or.name
master-user = slave
master-password = some_password
replicate-do-db = replicatethisdb
log-warnings


restart mysqld on slave



On slave connect to mysql:

mysql -u root -p
#Stop slave if it is working with:
STOP SLAVE;

#Execute following:
CHANGE MASTER TO MASTER_HOST='my.masterhostip.or.name', MASTER_USER='slave', MASTER_PASSWORD='some_password', MASTER_LOG_FILE='recorded_log_file_name', MASTER_LOG_POS=recorded_log_position;

# that becomes following in our case:
CHANGE MASTER TO MASTER_HOST='my.masterhostip.or.name', MASTER_USER='slave', MASTER_PASSWORD='some_password', MASTER_LOG_FILE='mysql-bin.000001', MASTER_LOG_POS=98;


#Restart both mysql servers to check if it is working.
#To check that fire up following queries:
#This is to be executed on the master server
SHOW MASTER STATUS;

#This is to be executed on the slave server
SHOW SLAVE STATUS;

#Record log file names and positions and check if both are matching. It should, if it is working.

Thats it! We have got MySQL Replication working!
Isn't that "MySQL Replication made simple" ?




- Aniruddha Thombre
Other Tutorials on aniruddhas.com

So, Whats MyDNS?

Its a DNS server.
For further details on how to install and configure it, you may have to visit:-
http://mydns.bboy.net/
or also mysql and postgresql's respective home pages.

We are just going to discuss the features and benefits of MyDNS

MyDNS:- MySQL (Also PostgreSQL) backed DNS server

Features:-

"stability, security, interoperability, and speed" as the author says!

No need to reload dns server after any change in any or all zones.
Speed is not affected no matter how many zones we have, and how many entries a zone has.
As it is backed up by MySQL /PostgreSQL we may load balance / mirror the databases.
The structure may look like this:-

1) Master DNS server
-- has a database holding all required zone info
-- that database is allowed to be replicated on slaves
-- gets zone info from zone files located on respective servers
-- we can use tools such as myphp or admin scripts for myDNS to change the settings for individual or all files manually whenever required
-- We can also use API's for control panels to directly modify the databases on DNS servers If any control panels such as plesk / cpanel etc are used.
-- Developing a simple application for a database with just two tables is not difficult .
-- we can have completely different database server setup if required

2) Slave DNS server
-- database is replicated from the master dns server, every 60 seconds or so

If any thing goes wrong with master dns server (such as major hardware failures) we may immediately add master dns server's ip to the slave and stop replication process.

Homepage for MyDNS is located here:-

http://mydns.bboy.net/


- Aniruddha Thombre

Hi Everyone,


Here is a simple MIMEDefang filter which tries to defend from spam . Although is useful to know how to use mimedefang filters, it is not perfect, it doesn't do any error checking (for example database connection failure and so on ) and needs some improvements.

This filter is supposed to be used where:-

There are multiple servers / hosts on behalf of which this mail server accepts the mails.

Setup:-

mail.example.com (sendmail server with mimedefang): 10.0.0.1
mimedefang on mail.example.com considers 10.0.0.1, 10.0.0.2 as own ip and everything else is the world.

mimedefang on Server needs mysql running which holds database 'defang' (user defang , pass dbpassword)


Features of the first filter:-

filter allows own network to do anything (127.0.0.1 / 10.0.0.1, 10.0.0.7 ) whats with smtp norms

filter blocks ip address if someone tries sending mails to nonexistent users.
filter blocks ip address if someone tries mail forging by own mail ids from other ip addresses.
filter accepts mails for users which exist in database.
filter rejects every command from the ip which is listed as blocked.
filter blocks ip address if someone sends spam scoring more than 10 on spamassassin. Then adds a boiler plate to reciving user that the ip has been blocked and contact admin in case of any issues.

user defined boilerplates can be added (or may be domain specific if needed).

So this filter is supposed to be used to act against:-
spammers and spam, a filter against mail forging, a filter to add boilerplates, a filter to act against smtp dictionary attacks.

#############################################################
database structure:-
Database name:- "defang"

+------------------+
| Tables_in_defang |
+------------------+
| blockedip        |
| mailnames        |
+------------------+

mysql> select * from blockedip;
+--------------+
| ipaddress    |
+--------------+
| 10.0.0.9     |
+--------------+
mysql> select * from mailnames;
+-------------------------------------+-----------------+
| mailname                            | boilerplate     |
+-------------------------------------+-----------------+
| aniruddha@example.com               | Zakkasss....... |
+-------------------------------------+-----------------+


code begins here:-

#############################################################
detect_and_load_perl_modules();

sub DB_CONNECT() {
use DBI;
my $dsn = 'DBI:mysql:defang:localhost';
my $db_user_name = 'defang';
my $db_password = 'dbpassword';
my $dbh = DBI->connect($dsn, $db_user_name, $db_password);
return $dbh;
}

sub ISMYIP($) {
my ($ISITOUR) = @_;
my @NETWORK = ('127.0.0.1' , '10.0.0.1' , '10.0.0.7');
        foreach my $ADDRESS (@NETWORK) {
        if ( $ISITOUR eq $ADDRESS) {
                                return true;
                                }
                }
        }


sub filter_relay($$$) {
my ($hostip, $hostname, $helo) = @_;
{

if ( &ISMYIP($hostip) ) {
            return ('CONTINUE', "You are allowed $hostip");
                        }

my $dbh = DB_CONNECT() or return  ('CONTINUE', "ok");
my $sth = $dbh->prepare(qq{select `ipaddress` from `blockedip` where `ipaddress` = '$hostip'});
$sth->execute();
($ipexists) = $sth->fetchrow_array();
$sth->finish();
$dbh->disconnect();
                  if ($hostip eq $ipexists) {
return ('REJECT', "Go away you spammer!");
            }

return ('CONTINUE', "ok");


}
}

sub filter_sender ($$$$) {
my ($sender, $hostip, $hostname, $helo ) = @_;
if ( &ISMYIP($hostip) ) {
            return ('CONTINUE', "You are allowed $hostip");
                        }
my $dbh = DB_CONNECT() or return  ('CONTINUE', "ok yup");
my $sth = $dbh->prepare(qq{select `ipaddress` from `blockedip` where `ipaddress` = '$hostip'});
$sth->execute();
($ipexists) = $sth->fetchrow_array();
$sth->finish();
#$dbh->disconnect();
                  if ($hostip eq $ipexists) {
$dbh->disconnect();
return ('REJECT', "Did you just decide to spam me?");
            }

my $sndr =  substr("$Sender",1,(length($Sender) - 2 ));
my $sth = $dbh->prepare(qq{select  `mailname` from `mailnames` where `mailname` = '$sndr'});
$sth->execute();
($exists) = $sth->fetchrow_array();
$sth->finish();
if ( ($sndr = $exists) && (!&ISMYIP($RelayAddr) ) ) {
my $ath = $dbh->prepare(qq{insert into `blockedip` values('$RelayAddr')});
$ath->execute();
$ath->finish();
$dbh->disconnect();
return ('REJECT',"Go find someone else you forger");
}
return ('CONTINUE', "ok done");
}


sub filter_recipient ($$$$$$) {
my ($recipient, $sender, $ip, $hostname, $first, $helo) = @_;
my $dbh = DB_CONNECT() or return  ('CONTINUE', "ok");
my $rcp =  substr("@Recipients",1,(length(@Recipients) - 2 ));
my $sth = $dbh->prepare(qq{select  `mailname` from `mailnames` where `mailname` = '$rcp'});
$sth->execute();
($exists) = $sth->fetchrow_array();
$sth->finish();
my $isth = $dbh->prepare(qq{select `ipaddress` from `blockedip` where `ipaddress` = '$ip'});
$isth->execute();
($iexists) = $isth->fetchrow_array();
$isth->finish();

 if ($ip eq $iexists) {
$dbh->disconnect();
                if (&ISMYIP($ip)) {
                        return ('CONTINUE', "ok");
                        }
            return ('REJECT', "Dont try to be wise");
            }


            if ($rcp eq $exists) {
$dbh->disconnect();
            return ('CONTINUE', "ok");
            }
if ( &ISMYIP($ip)) {

return ('REJECT', "$rcp  $recipient  @Recipients ! I really don't know this mail id!");
}
my $ath = $dbh->prepare(qq{insert into `blockedip` values('$ip')});
$ath->execute();
$ath->finish();

$dbh->disconnect();
return ('REJECT', "$recipient! I really don't know this mail id!");

}


sub filter_end ($) {
    my($entity) = @_;
    return if message_rejected();
sub boilit  {
my $ABC = substr("$Sender",1,(length($Sender) - 2 ));
my $dbh = DB_CONNECT();
my $sth = $dbh->prepare(qq{select `boilerplate` from `mailnames` where `mailname` = '$ABC'});
$sth->execute();
($BOILER) = $sth->fetchrow_array();
$sth->finish();
$dbh->disconnect();
if ($BOILER eq "") {
return $ABC;
}
return $BOILER;
}

my $BOILit = &boilit();
my($hits, $req, $names, $report) = spam_assassin_check();
action_change_header("X-Spam-Score","$hits :: $names ");
if (($hits > 10 ) && (!&ISMYIP($RelayAddr))) {
my $dbh = DB_CONNECT();
my $ath = $dbh->prepare(qq{insert into `blockedip` values('$RelayAddr')});
$ath->execute();
$ath->finish();

$dbh->disconnect();
$BOILit = "This is a Spammer $RelayAddr  so it has got banned. Contact admin if any issues " ;

}
append_text_boilerplate($entity, "$BOILit   ", 0);

}
# DO NOT delete the next line, or Perl will complain.
1;
###############################################
# Code ends here
###############################################

This is a very simple filter but still it gives a glimpse at the power of MIMEDefang

Please Visit:- http://www.mimedefang.org/ for further details.

Hope, someone gets benefited from this post 
Let me know if somebody has any suggestions, improvements, or requires any filters developed for.

- Aniruddha Thombre

It was a great movie, somehow I found this quote from the film and felt it should be produced. Its a perfectly practical view towards "What is love?"

The quote:-

Love is a temporary madness. It erupts like an earthquake and then subsides. And when it subsides you have to make a decision. You have to work out whether your roots have become so entwined together that it is inconceivable that you should ever part. Because this is what love is. Love is not breathlessness, it is not excitement, it is not the promulgation of promises of eternal passion. That is just being "in love" which any of us can convince ourselves we are.
Love itself is what is left over when being in love has burned away, and this is both an art and a fortunate accident. Your mother and I had it, we had roots that grew towards each other underground, and when all the pretty blossom had fallen from our branches we found that we were one tree and not two.

- Captain Corelli's Mandolin





- Aniruddha Thombre

***************************************************
"A person should not be too honest.
Straight trees are cut first
and Honest people are victimised first."

***************************************************
"Even if a snake is not poisonous,
it should pretend to be venomous."
***************************************************

"The biggest guru-mantra is: Never share your secrets with anybody. ! It will destroy you."
***************************************************

"There is some self-interest behind every friendship.
There is no Friendship without self-interests.
This is a bitter truth."
***************************************************

"Before you start some work, always ask yourself three questions - Why am I doing it, What the results might be and Will I be successful. Only when you think deeply
and find satisfactory answers to these questions, go ahead."
***************************************************

"As soon as the fear approaches near, attack and destroy it."
***************************************************

"Once you start a working on something,
don't be afraid of failure and
don't abandon it.
People who work sincerely are the happiest."
***************************************************

"The fragrance of flowers spreads
only in the direction of the wind.
But the goodness of a person spreads in all direction."
***************************************************

"A man is great by deeds, not by birth."
***************************************************

"Treat your kid like a darling for the first five years.
For the next five years, scold them.
By the time they turn sixteen, treat them like a friend.
Your grown up children are your best friends."
***************************************************

"Books are as useful to a stupid person
as a mirror is useful to a blind person."
***************************************************

"Education is the best friend.
An educated person is respected everywhere.
Education beats the beauty and the youth."

***********************************************








- Aniruddha Thombre

Its really great, if you hear the song sung by Amy Castle You will find it to be a really haunting tune.

Lyrics:-
(Taken from http://cuppycake.com/cuplyric.html)
The "CUPPYCAKE" Song

(Lyrics by Judianna Castle)
is actually the chorus from Amy's version of "You're My Honeybunch"
(music by Judianna and Buddy Castle)

You're my Honeybunch, Sugarplum
Pumpy-umpy-umpkin, You're my Sweetie Pie
You're my Cuppycake, Gumdrop
Snoogums-Boogums, You're the Apple of my Eye
And I love you so and I want you to know
That I'll always be right here
And I love to sing sweet songs to you
Because you are so dear


© 1994 Amy J. Music (ASCAP)










- Aniruddha Thombre

Want to watch a crazy human slingshot?


Watch it here...






- Aniruddha Thombre

Hi Everyone,

Following is the mail received by me from yahoo answers which says that I have voileted yahoo community guidelines. I tried to find out the reason but it seems to be some auto filter / scripts which finds possible community abuse.

So my post was deleted from yahoo and I am posting it here. Its within the Yahoo answers mail to me.

------------------------------------------------

Hello aniruddha

You have posted content to Yahoo! Answers in violation of our Community Guidelines. As a result, your content has been deleted.

Question: What should we do to free our planet from terrorism?


Question Details: Greetings, Your Highness, Before trying to find out the solutions to eliminate terrorism, we need to define it.

What I mean by terrorism is, "Inducing fear in some other person's mind in order to make him /her influenced to behave in a manner which is favoured by the person who makes afraid. Which is nothing but an intrusion in the freedom of the other person involved." This freedom may be of thinking, acting, reacting, communicating or of any other means.

Then what do we do when we impose rule sets before a person borns on this planet? Before a person sees this world. He / She is introduced to n number of laws. When he has his first breath in the world :- Enter the Government, Society, Religions, and a few more social Labels. What for? They say its essential to organise the society. Its essential to provide peace of mind. Its essential for a peaceful society and so on... But in reality what are these laws? A threatening future if some thing is done by the person. Maybe a terroristic approach? If you do this you are going for that amount of period in jail! Maybe a Governed approach of terrorism? Isn't there something that we call like conscience or Vivek? All these laws and bindings are for those who can not think on their own. These are for those who are living in herds besides a human society. Thats why these rules / laws / customs are also same ... as that of in a herd.

Hence, I think Your Highness, that there is a way to make this planet really free of terrorism. To make it really "Free"! (No, I am not an anarchist!) Its not me that thought of this way. It was "Arya Chanakya" when he said, "Education is not in making a person full of information and worldly wise, but its in making a person capable of knowing whats wrong and right." If everyone is Vivekshil, how come one can terrify other to get what he wants done? Still there is a problem, which is the same as current cause of conflicts between persons, regions, religions or nations. Its the way one thinks what is right and at the same time the conflicting party. So, what one more thing is lacking is Tolerance. We suppose ourselves bold if we raise our voice against the roars of the oceans. But we are not courageous enough to let the man speak when we are the ocean. We need to make everyone that much Viveksheel and Tolerant to make this beautiful planet free of terrorism. Free of almost all evils. And really FREE.

We need to make them know, we need to make wisdom flow, we need to make the peace grow.

Aniruddha

www.aniruddhas.com

Deleted Answer: Greetings, Your Highness, Before trying to find out the solutions to eliminate terrorism, we need to define it. What I mean by terrorism is, "Inducing fear in some other person's mind in order to make him /her influenced to behave in a manner which is favoured by the person who makes afraid. Which is nothing but an intrusion in the freedom of the other person involved." This freedom may be of thinking, acting, reacting, communicating or of any other means. Then what do we do when we impose rule sets before a person borns on this planet? Before a person sees this world. He / She is introduced to n number of laws. When he has his first breath in the world :- Enter the Government, Society, Religions, and a few more social Labels. What for? They say its essential to organise the society. Its essential to provide peace of mind. Its essential for a peaceful society and so on... But in reality what are these laws? A threatening future if some thing is done by the person. Maybe a terroristic approach? If you do this you are going for that amount of period in jail! Maybe a Governed approach of terrorism? Isn't there something that we call like conscience or Vivek? All these laws and bindings are for those who can not think on their own. These are for those who are living in herds besides a human society. Thats why these rules / laws / customs are also same ... as that of in a herd. Hence, I think Your Highness, that there is a way to make this planet really free of terrorism. To make it really "Free"! (No, I am not an anarchist!) Its not me that thought of this way. It was "Arya Chanakya" when he said, "Education is not in making a person full of information and worldly wise, but its in making a person capable of knowing whats wrong and right." If everyone is Vivekshil, how come one can terrify other to get what he wants done? Still there is a problem, which is the same as current cause of conflicts between persons, regions, religions or nations. Its the way one thinks what is right and at the same time the conflicting party. So, what one more thing is lacking is Tolerance. We suppose ourselves bold if we raise our voice against the roars of the oceans. But we are not courageous enough to let the man speak when we are the ocean. We need to make everyone that much Viveksheel and Tolerant to make this beautiful planet free of terrorism. Free of almost all evils. And really FREE. We need to make them know, we need to make wisdom flow, we need to make the peace grow. Aniruddha www.aniruddhas.com

Reason of Violation:Chatting & Personal Communications




If you have feedback on this violation, please contact Customer Care.

Yahoo! Answers Team













- Aniruddha Thombre

Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.Home. Work.
Period.



Aniruddha