Hourly updated phishing sites from phishtank.com
Here I just added a cron for updating daily
a) Create an account at http://phishtank.com
b) create API Key by giving a APP name
c) This is the Database to be downloaded
Code: Select all
http://data.phishtank.com/data/online-valid.php_serialized
Now we need to populate the following file:
Code: Select all
/etc/Mailscanner/phishing.bad.sites.custom
Code: Select all
/etc/cron.daily/
Code: Select all
nano /etc/cron.daily/<YourCronFileName.sh>
Code: Select all
#!/bin/bash
##############################################################
# www.phishtank.com | Phishing Sites #
##############################################################
# Clear Screen
clear
# Get into Mailscanner Folder
cd /etc/MailScanner/
# Create phishing.bad.sites.custom Template
cp phishing.bad.sites.custom phishing.bad.sites.custom.template
sed -i '/cp phishing.bad.sites.custom phishing.bad.sites.custom.template
# Delete Old phishing.bad.sites.custom and create new file from phishing.bad.sites.custom.template
rm -rf /etc/MailScanner/phishing.bad.sites.custom
cp phishing.bad.sites.custom.template phishing.bad.sites.custom
# Download database
wget http://data.phishtank.com/data/<YourApiKey>/online-valid.php_serialized
# Get only urls from database and remove www.phishtank.com urls | Get clean phishtank
cat online-valid.php_serialized | grep -Eo "(http|https)://[a-zA-Z0-9./?=_-]*" | sort | uniq > phishtank
sed -i '/www.phishtank.com/d' phishtank
# Delete downloaded database from phishtank.com
rm -rf /etc/MailScanner/online-valid.php_serialized
# Update phishing.bad.sites.custom from phishtank
cat phishtank >> phishing.bad.sites.custom
# Delete phishtank
rm -rf /etc/MailScanner/phishtank
# Reload Mailscanner
/etc/init.d/mailscanner reload
# Cleanup
clear
echo "Finished"
Code: Select all
chmod +x /etc/cron.daily/<YourCronFileName.sh>
Code: Select all
./etc/cron.daily/<YourCronFileName.sh>
Note: This is a rough script for getting it done