Manual Reference Pages  -  RELAYDB (8)

NAME

relaydb - spam relay database

CONTENTS

Synopsis
Description
Examples
See Also
History

SYNOPSIS

relaydb [-46bdlnrvw] [-B [+-]num] [-W [+-]num] [-m [+-]days] [-f filename] [-i filename] [-t filename]

DESCRIPTION

relaydb is a mail header analyzer that builds a database of IP addresses either known as legitimate senders or spammers.

relaydb doesn’t itself classify mails as legitimate or spam; that decision needs to be reached through other means. Neither does relaydb block spam itself. It merely provides a list of IP addresses to block through other means, like spamd(8) and pf(4).

relaydb reads a single mail from stdin, analyzes the Received: header lines and updates blacklist and whitelist counters for each IP address.

The options are as follows:

-4 Use only IPv4 addresses, ignoring IPv6 addresses.
-6 Use only IPv6 addresses, ignoring IPv4 addresses.
-a address
  Use the given IP address directly.
-b Blacklist the sender of the mail.
-w Whitelist the sender of the mail.
-B [+-]num
  Match addresses based on blacklist counter. +num matches counters larger than num, -num matches counters smaller than num, num matches counters equal to num.
-W [+-]num
  Match addresses based on whitelist counter.
-d Delete addresses from the database that match the criteria imposed by flags -46bwBWm.
-f filename
  Database file, defaults to $HOME/.relaydb if not specified.
-i filename
  Import a plain text file into the database. The format must match that of relaydb -vl output, only the last field (last modification time) is optional, defaulting to the current time.
-l List the IP addresses of the database. If -b is specified, only hosts considered spammers are listed. If -w is specified, only hosts considered non-spammers are listed. Otherwise, all hosts are listed.
-m [+-]num
  Match addresses based on their last modification time. The last modification time of an address is set to the current time when the address is inserted and whenever an address’ counters are changed. +num matches last modified more than num days ago, -num matches less than num days ago, and num matches exactly num days ago.
-n Don’t read past the first Received: header. By default, relaydb will process all Received: headers as long as the previous header contained an address of a host in the whitelist, trusting the previous host to not have inserted a fake Received: header. The default is useful to blacklist senders that send spam through mailing list servers (or other known-good relays), but it allows an attacker to first establish a new whitelist entry for a new host, then send spam from the same address with faked further Received: headers. relaydb then blacklists the addresses in those headers, causing a denial of service for these addresses.
-r Revert a previously made decision. For instance, if a mail has been run through relaydb -b by mistake, running the same mail through relaydb -rb will correct the mistake. This merely reverts the first run; it doesn’t count the mail as the opposite type. To achieve that, the same mail additionally has to be run through relaydb -w.
-t filename
  Parse a spamd syslog file and increase the last modification time of matching database entries to the time of the most recent spamd connection. The file is expected to have the following format; other lines are ignored:

    Nov 20 09:32:19 host spamd[123]: 12.24.56.78: connected (1)

-v Produce more verbose output.
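
The header walk that -n switches off, as an added example (a model of the behaviour described above, not relaydb's own code). It assumes the address is the bracketed IPv4 literal in each Received: header and that the whitelist is a plain set; the mail, the addresses and the function names are constructed for illustration.

```python
import re
from email import message_from_string

# Constructed mail: 203.0.113.7 connected to our server; the two older
# Received: headers are whatever that sender chose to put there.
MAIL = """\
Received: from mail.example.net (mail.example.net [203.0.113.7])
\tby mx.example.org with ESMTP; Mon, 20 Nov 2023 09:32:19 +0000
Received: from a.example.com (a.example.com [198.51.100.10])
\tby mail.example.net with ESMTP; Mon, 20 Nov 2023 09:32:10 +0000
Received: from b.example.com (b.example.com [192.0.2.55])
\tby a.example.com with ESMTP; Mon, 20 Nov 2023 09:32:01 +0000
Subject: constructed sample

body
"""

ADDR = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")


def hops(mail_text):
    """Bracketed IPv4 address of each Received: header, newest first."""
    msg = message_from_string(mail_text)
    found = []
    for value in msg.get_all("Received", []):
        m = ADDR.search(value)
        if m:
            found.append(m.group(1))
    return found


def blacklist_targets(mail_text, whitelist, first_only=False):
    """Addresses whose blacklist counter one spam mail would increase.

    first_only=True models -n. Otherwise the walk goes on to the next
    header only while the current header's address is whitelisted.
    """
    targets = []
    for addr in hops(mail_text):
        targets.append(addr)
        if first_only or addr not in whitelist:
            break
    return targets
```

With 203.0.113.7 whitelisted, the default walk also counts 198.51.100.10, an address the sender alone supplied; with first_only=True only the connecting host is counted.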

Using procmail recipes like the following ones, each incoming mail can be run through a spam classifier (SpamAssassin, for instance) which tags any detected spam with an X-Spam-Status: header. After tagging, all mails are piped through relaydb with either the -b or -w option, to update the database.

  :0fw
  | /usr/local/bin/spamc

  :0c
  * ^X-Spam-Status: Yes
  | /usr/local/bin/relaydb -b

  :0:
  * ^X-Spam-Status: Yes
  in-x-spam

  :0c
  | /usr/local/bin/relaydb -w

EXAMPLES

  analyze mail and increase sender’s blacklist counter
  $ cat mail | relaydb -b

  undo mistaken blacklist counter increment
  $ cat mail | relaydb -rb

  list whitelist entries which have blacklist counters > 100
  $ relaydb -vlw -B +100

  update last modification times of hosts that connected to spamd recently
  $ relaydb -t /var/log/daemon

  delete all blacklist entries with zero whitelist counters that haven’t been updated within a month
  $ relaydb -db -W 0 -m +30
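
A parser for the spamd syslog format that -t expects, as an added example (not relaydb's own code). It assumes the caller supplies the year, since syslog timestamps carry none, and that the database is a dict of address to last modification time; the log lines other than the one quoted under -t are constructed.

```python
import ipaddress
import re
from datetime import datetime

# Constructed sample; only spamd "connected" lines with a valid IP count.
LOG = """\
Nov 20 09:32:19 host spamd[123]: 12.24.56.78: connected (1)
Nov 20 09:32:25 host spamd[123]: 12.24.56.78: disconnected after 6 seconds.
Nov 20 09:40:02 host sshd[456]: 12.24.56.78: connected (1)
Nov 21 03:10:44 host spamd[123]: 192.0.2.9: connected (2)
Nov 21 04:00:00 host spamd[123]: not-an-address: connected (1)
Nov 22 18:05:30 host spamd[123]: 12.24.56.78: connected (3)
"""

LINE = re.compile(
    r"^(\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) \S+ spamd\[\d+\]: (\S+): connected \(\d+\)$"
)


def last_connections(log_text, year):
    """Map each address to the time of its most recent spamd connection."""
    latest = {}
    for line in log_text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # other lines are ignored
        try:
            addr = str(ipaddress.ip_address(m.group(2)))
        except ValueError:
            continue  # token in the address position is not an IP address
        when = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
        if addr not in latest or when > latest[addr]:
            latest[addr] = when
    return latest


def apply_to_db(db, log_text, year):
    """Raise mtimes of entries already in db; never add one or move it back."""
    for addr, when in last_connections(log_text, year).items():
        if addr in db and when > db[addr]:
            db[addr] = when
    return db
```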

SEE ALSO

pf.conf(5), pfctl(8), spamd(8), spamd-setup(8)

HISTORY

The relaydb command appeared in OpenBSD 3.3.