Difference between revisions of "Spam"
| (6 intermediate revisions by 3 users not shown) | |||
| Line 1: | Line 1: | ||
| − | There is an effective way to block spam using [[pf]] and spamd (OpenBSD's version, not SpamAssassin's). These are taken directly from [http://www.openbsd.org/papers/bsdcan05-spamd/index.html Bob Beck's slide presentation at BSDCAN 2005] | + | == BSD == |
| + | |||
| + | On OpenBSD this should work out of the box. On FreeBSD you have to mount a fdescfs(5) filesystem in order to get this working. | ||
| + | There is an effective way to block spam using [[pf]] and spamd ([[OpenBSD]]'s version, not SpamAssassin's). These are taken directly from [http://www.openbsd.org/papers/bsdcan05-spamd/index.html Bob Beck's slide presentation at BSDCAN 2005] | ||
in pf.conf (note [[variables]]): | in pf.conf (note [[variables]]): | ||
| Line 14: | Line 17: | ||
*/30 * * * * /usr/local/sbin/spamd-setup | */30 * * * * /usr/local/sbin/spamd-setup | ||
| − | Also probably worth your time to check out your spamd.conf although it shouldn't require modification to work out of the box. Now moving on to the [[Testing:Process]]. | + | Also probably worth your time to check out your spamd.conf although it shouldn't require modification to work out of the box. |
| + | |||
| + | Now moving on to the [[Testing:Process]]. | ||
| + | |||
| + | == Mediawiki == | ||
| + | |||
| + | As this server was attacked by spambots, I'll let you know of some of the resolutions that worked. First, make sure you're using the latest version of Mediawiki, older versions were easier to abuse. | ||
| + | |||
| + | Download the latest [http://www.mediawiki.org/wiki/Extension:ConfirmEdit ConfirmEdit]. In LocalSettings.php after getting your ReCaptcha keys: | ||
| + | |||
| + | require_once( "$IP/extensions/ConfirmEdit/ConfirmEdit.php" ); | ||
| + | require_once( "$IP/extensions/ConfirmEdit/ReCaptcha.php" ); | ||
| + | $wgReCaptchaPublicKey = 'yourpublickeyhere'; | ||
| + | $wgReCaptchaPrivateKey = 'yourprivatekeyhere'; | ||
| + | $wgCaptchaClass = 'ReCaptcha'; | ||
| + | |||
| + | Put this in LocalSettings.php: | ||
| + | |||
| + | $wgEmailConfirmToEdit = true; | ||
| + | |||
| + | to force confirmation of email. I've also added [http://www.mediawiki.org/wiki/Extension:ConfirmAccount ConfirmAccount] | ||
| + | |||
| + | There is no automated way to ban users or delete posts, so you have to do that manually unfortunately. | ||
| + | |||
| + | For cleanup I have installed [http://www.mediawiki.org/wiki/Extension:AbuseFilter AbuseFilter] and [http://www.mediawiki.org/wiki/Extension:NukeDPL NukeDPL] | ||
Latest revision as of 20:09, 6 March 2011
BSD
On OpenBSD this should work out of the box. On FreeBSD you have to mount a fdescfs(5) filesystem in order to get this working. There is an effective way to block spam using pf and spamd (OpenBSD's version, not SpamAssassin's). These are taken directly from Bob Beck's slide presentation at BSDCAN 2005
in pf.conf (note variables):
table <spamd> persist
no rdr on { lo0, lo1 } from any to any
rdr inet proto tcp from <spamd> to any port smtp -> 127.0.0.1 port 8025
table <spamd-white> persist
rdr pass inet proto tcp from !<spamd-white> to any port smtp -> 127.0.0.1 port 8025
pass in log on $ext_if inet proto tcp to $Mail_servers port smtp keep state
pass out log on $ext_if inet proto tcp from $Mail_servers to any port smtp keep state
and add the cronjob:
*/30 * * * * /usr/local/sbin/spamd-setup
Also probably worth your time to check out your spamd.conf although it shouldn't require modification to work out of the box.
Now moving on to the Testing:Process.
Mediawiki
As this server was attacked by spambots, I'll let you know of some of the resolutions that worked. First, make sure you're using the latest version of Mediawiki, older versions were easier to abuse.
Download the latest ConfirmEdit. In LocalSettings.php after getting your ReCaptcha keys:
require_once( "$IP/extensions/ConfirmEdit/ConfirmEdit.php" ); require_once( "$IP/extensions/ConfirmEdit/ReCaptcha.php" ); $wgReCaptchaPublicKey = 'yourpublickeyhere'; $wgReCaptchaPrivateKey = 'yourprivatekeyhere'; $wgCaptchaClass = 'ReCaptcha';
Put this in LocalSettings.php:
$wgEmailConfirmToEdit = true;
to force confirmation of email. I've also added ConfirmAccount
There is no automated way to ban users or delete posts, so you have to do that manually unfortunately.
For cleanup I have installed AbuseFilter and NukeDPL
