cd bopm-3.1.3

./configure

make

make install

cd

cd bopm

cd bin

./bopm

/*
　
　
BOPM sample configuration
　
　
*/
　
　
options {
/*
* Full path and filename for storing the process ID of the running
* BOPM.
*/
pidfile = "/home/sunucunuzunlogini/bopm/bopm.pid";
　
　
/*
* How many seconds to store the IP address of hosts which are
* confirmed (by previous scans) to be secure. New users from these
* IP addresses will not be scanned again until this amount of time
* has passed. IT IS STRONGLY RECOMMENDED THAT YOU DO NOT USE THIS
* DIRECTIVE, but it is provided due to demand.
*
* The main reason for not using this feature is that anyone capable
* of running a proxy can get abusers onto your network - all they
* need do is shut the proxy down, connect themselves, restart the
* proxy, and tell their friends to come flood.
* 
* Keep this directive commented out to disable negative caching.
*/
negcache = 3600;
　
　
/*
* Amount of file descriptors to allocate to asynchronous DNS. 64
* should be plenty for almost anyone - previous versions of BOPM only
* did one at a time!
*/
dns_fdlimit = 64;
　
　
/*
* Put the full path and filename of a logfile here if you wish to log
* every scan done. Normally BOPM only logs successfully detected
* proxies in the bopm.log, but you may get abuse reports to your ISP
* about portscanning. Being able to show that it was BOPM that did
* the scan in question can be useful. Leave commented for no
* logging.
*/
# scanlog = "/home/sunucunuzunlogini/ircd/bopm/scan.log";
};
　
　
　
　
IRC {
/*
* IP to bind to for the IRC connection. You only need to use this if
* you wish BOPM to use a particular interface (virtual host, IP
* alias, ...) when connecting to the IRC server. There is another
* "vhost" setting in the scan {} block below for the actual
* portscans. Note that this directive expects an IP address, not a
* hostname. Please leave this commented out if you do not
* understand what it does, as most people don't need it.
*/
vhost = "Sunucunuzunipadresi";
　
　
/*
* Nickname for BOPM to use.
*/
nick = "Sproxy";
　
　
/*
* Text to appear in the "realname" field of BOPM's /whois output.
*/
realname = "MegaForum Proxy Koruması";
　
　
/*
* If you don't have an identd running, what username to use.
*/
username = "MegaForum";
　
　
/*
* Hostname (or IP) of the IRC server which BOPM will monitor
* connections on.
*/
server = "Sunucunuzunipadresi";
　
　
　
　
/*
* Password used to connect to the IRC server (PASS)
*/
　
　
password = "supass";
　
　
　
　
/*
* Port of the above server to connect to. This is what BOPM uses to
* get onto IRC itself, it is nothing to do with what ports/protocols
* are scanned, nor do you need to list every port your ircd listens
* on.
*/
port = 6667;
　
　
/*
* Command to execute to identify to NickServ (if your network uses
* it). This is the raw IRC command text, and the below example
* corresponds to "/msg nickserv identify password" in a client. If
* you don't understand, just edit "password" in the line below to be
* your BOPM's nick password. Leave commented out if you don't need
* to identify to NickServ.
*/
nickserv = "privmsg nickserv :identify nicksifresi";
　
　
/*
* The username and password needed for BOPM to oper up.
*/
oper = "Bot opersifresi";
　
　
/*
* Mode string that BOPM needs to set on itself as soon as it opers
* up. This needs to include the mode for seeing connection notices,
* otherwise BOPM won't scan anyone (that's usually umode +c). It's
* often also a good idea to remove any helper modes so that users
* don't try to talk to the BOPM.
*
* REMEMBER THAT IRCU AND LATER VERSIONS OF UNREAL DO NOT USE A SIMPLE
* +c !!
*/
mode = "+sc";
　
　
/* Example for Bahamut; +F gives BOPM relaxed flood limits */
# mode = "+Fc-h";
　
　
/*
* If this is set then BOPM will use it as an /away message as soon as
* it connects.
*/
away = "Proxy Koruma Botuyum. Yazi Yazmayin.";
　
　
/*
* Info about channels you wish BOPM to join in order to accept
* commands. BOPM will also print messages in these channels every
* time it detects a proxy. Only IRC operators can command BOPM to do
* anything, but some of the things BOPM reports to these channels
* could be soncidered sensitive, so it's best not to put BOPM into
* public channels.
*/
channel {
/*
* Channel name. Local ("&") channels are supported if your ircd
* supports them.
*/
name = "[URL=http://www.megaforum.com/usertag.php?do=list&action=hash&hash=Opers%22]#Opers"[/URL]
　
　
/*
* If BOPM will need to use a key to enter this channel, this is
* where you specify it.
*/
# key = "somekey";
　
　
/*
* If you use ChanServ then maybe you want to set the channel
* invite-only and have each BOPM do "/msg ChanServ invite" to get
* itself in. Leave commented if you don't, or if this makes no
* sense to you.
*/
# invite = "privmsg chanserv :invite [URL=http://www.megaforum.com/usertag.php?do=list&action=hash&hash=Opers%22]#Opers"[/URL]
};
　
　
/*
* You can define a bunch of channels if you want:
*
* channel { name = "[URL=http://www.megaforum.com/usertag.php?do=list&action=hash&hash=other%22]#other"[/URL] }; channel { name="[URL=http://www.megaforum.com/usertag.php?do=list&action=hash&hash=channel%22]#channel"[/URL] }
*/
　
　
/*
* connregex is a POSIX regular expression used to parse connection
* (+c) notices from the ircd. The complexity of the expression should
* be kept to a minimum.
* 
* Items in order MUST be: nick user host IP
*
* BOPM will not work with ircds which do not send an IP in the
* connection notice.
*
* This is fairly complicated stuff, and the consequences of getting
* it wrong are the BOPM does not scan anyone. Unless you know
* absolutely what you are doing, please just uncomment the example
* below that best matches the type of ircd you use.
*
* !!! NOTE !!! If a connregex for your ircd does not appear here and the
* hybrid connregex does not appear to work, check the BOPM FAQ at 
* [url]http://blitzed.org/bopm/faq.phtml[/url] before contacting our lists for help.
*
*/
　
　
/* Hybrid / Bahamut / Unreal (in HCN mode) */
connregex = "\\*\\*\\* Notice -- Client connecting: ([^ ]+) \\(([^@]+)@([^\\)]+)\\) \\[([0-9\\.]+)\\].*";
/*
* Ultimate ircd - note the control-B characters around Connect/Exit,
* that is because that text appears in bold in the actual connect
* notice. Be very careful when editing this, do it as you would put
* bold characters into IRC MOTDs.
*/
# connregex = "\\*\\*\\* Connect/Exit -- from [^:]+: Client connecting on port [0-9]+: ([^ ]+) \\(([^@]+)@([^\\)]+)\\) \\[([0-9\\.]+)\\].*";
　
　
/*
* SorIRCd 1.3.4+ / StarIRCd 5.26+.
*/
# connregex = "\\*\\*\\* Notice -- Client connecting on port [0-9]+: ([^ ]+) \\(([^@]+)@([^\\)]+)\\) \\[([0-9\\.]+)\\].*";
　
　
　
　
/*
* "kline" controls the command used when an open proxy is confirmed.
* We suggest applying a temporary (no more than a few hours) KLINE on the host.
*
* <WARNING>
* Please note that if you are matching against our DNSBL
* opm.blitzed.org (see further below), then you will need some way to
* let users know how they can be removed from this DNSBL. That is
* the purpose of the blitzed.org URL in the example message, so
* please do not remove it unless you also disable DNSBL lookups (or
* if you use a different DNSBL).
*
* Also note that you cannot include ':' characters actually inside
* the KLINE message (e.g. for a http:// address).
*
* Users rewriting this message into something that isn't even a valid
* IRC command is the single most common cause of support requests and
* therefore WE WILL NOT SUPPORT YOU UNLESS YOU USE ONE OF THE EXAMPLE
* KLINE COMMANDS BELOW.
* </WARNING>
*
* That said, should you wish to customise this text, several
* printf-like placeholders are available:
*
* %n User's nick
* %u User's username
* %h User's irc hostname
* %i User's IP address
*
*/
kline = "GLINE *@%i 10d :Proxy Kullandiniz.";
　
　
/*
* If you would prefer very plain pages then try this one. There's
* also an index3.phtml which is even more plain, useful for parsing
* via your own pages if you are trying to make your own interface to
* it. If you know XML though, talk to [email]webmaster@blitzed.org[/email] about
* use of the XML interface to it.
*/
# kline = "KLINE *@%h :Open Proxy found on your host. Please visit [url]www.blitzed.org/opm/index2.phtml?ip=%i[/url] for more information.";
　
　
/* A GLINE example for IRCu: */
# kline = "GLINE +*@%i 1800 :Open proxy found on your host. Please visit [url]www.blitzed.org/proxy?ip=%i[/url] for more information.";
　
　
/*
* Text to send on connection, these can be stacked and will be sent in this order
* 
* !!! UNREAL USERS PLEASE NOTE !!!
* Unreal users will need PROTOCTL HCN to force hybrid connect
* notices.
*
* Yes Unreal users! That means you! That means you need the line
* below! See that thing at the start of the line? That's what we
* call a comment! Remove it to UNcomment the line.
*/
perform = "PROTOCTL HCN";
　
　
};
　
　
　
　
/*
* OPM Block defines blacklists and information required to report new proxies
* to a dns blacklist. DNS-based blacklists store IP addresses in a DNS zone
* file. In the case of opm.blitzed.org, we store the IP addresses of known
* insecure proxy servers. By checking against this blacklist, BOPMs are able
* to ban known proxies without having to scan them all.
*
* If you still don't underdstand what a DNSBL is, have a look at
* [url]http://www.blitzed.org/opm[/url].
*/
　
　
OPM {
　
　
blacklist {
name = "dnsbl.proxybl.org";
type = "A record reply";
reply {
2 = "Open proxy";
};
ban_unknown = no;
kline = "GLINE *@%h 24d :4Proxy le Giriş yaptı bu kişi uzaklaştırıldı"; 
};
blacklist {
name = "rbl.efnet.org";
type = "A record reply";
reply {
1 = "Open proxy";
2 = "Trojan spreader";
3 = "Trojan infected client";
4 = "TOR exit server";
5 = "Drones / Flooding";
};
ban_unknown = no;
kline = "GLINE *@%h 24d :4Proxy le Giriş yaptı bu kişi uzaklaştırıldı"; };
　
　
# /* ircbl.ahbl.org - see [url]http://ahbl.org/docs/ircbl[/url]
# * [url]http://oldwww.temp.ahbl.org/docs/ircbl.php[/url] */
blacklist {
name = "ircbl.ahbl.org";
type = "A record reply";
ban_unknown = no;
reply {
2 = "Open proxy";
};
kline = "GLINE *@%h 24d :4Proxy ile Giriş yaptı bu kişi uzaklaştırıldı";
};
　
　
/* tor.dnsbl.sectoor.de - [url]http://www.sectoor.de/tor.php[/url] */
blacklist {
name = "tor.dnsbl.sectoor.de";
type = "A record reply";
reply {
1 = "Tor exit server";
};
ban_unknown = no;
kline = "GLINE *@%h 24d :4Proxy ile Giriş yaptı bu kişi uzaklaştırıldı";
};
blacklist {
name = "dnsbl.dronebl.org";
type = "A record reply";
reply {
2 = "Sample";
5 = "Bottler";
7 = "DDOS Drone";
8 = "SOCKS Proxy";
9 = "HTTP Proxy";
10 = "ProxyChain";
12 = "Trolls (perm)";
13 = "Brute force attackers";
14 = "Open Wingate Proxy";
15 = "Compromised router / gateway";
};
ban_unknown = no;
kline = "GLINE *@%i 24d :4Proxy ile Giriş yaptı bu kişi uzaklaştırıldı";
};
blacklist {
name = "tor.dnsbl.sectoor.de";
type = "A record reply";
reply {
1 = "Tor exit server";
};
ban_unknown = no;
kline = "GLINE *@%i 24d :4Proxy ile Giriş yaptı bu kişi uzaklaştırıldı";
};
blacklist {
name = "tor.dan.me.uk";
type = "A record reply";
reply {
100 = "Tor exit server";
};
ban_unknown = no;
kline = "GLINE *@%i 24d :4Proxy ile Giriş yaptı bu kişi uzaklaştırıldı";
};
blacklist {
name = "tor.ahbl.org";
type = "A record reply";
reply {
2 = "Tor exit server";
};
ban_unknown = no;
kline = "GLINE *@%i 24d :4Proxyle Giriş yaptı bu kişi uzaklaştırıldı";
};
/*
* You can specify multiple DNSBLs. Some people see "opm.blitzed.org"
* and mindlessly change the "blitzed.org" part to be their own
* domain. Please don't do this unless you really do run your own
* DNSBL, all you will accomplish is filling your channels with DNS
* error messages. opm.blitzed.org should be adequate for most
* people.
*/
　
　
/* example: NJABL - please read [url]http://www.njabl.org/use.html[/url] before
* uncommenting */
# blacklist {
# name = "dnsbl.njabl.org";
# type = "A record reply";
# reply {
# 9 = "Open proxy";
# };
# ban_unknown = no;
# kline = "KLINE *@%h :Open proxy found on your host, please visit www.njabl.org/cgi-bin/lookup.cgi?query=%i";
# };
　
　
/*
* You can report the insecure proxies you find to our DNSBL also!
* The remaining directives in this section are only needed if you
* intend to do this. Reports are sent by email, one email per IP
* address. The format does support multiple addresses in one email,
* but we don't know of any servers that are detecting enough insecure
* proxies for this to be really necessary.
*/
　
　
/*
* Email address to send reports FROM. If you intend to send reports,
* please pick an email address that we can actually send mail to
* should we ever need to contact you.
*/
# dnsbl_from = "mybopm@myserver.org";
　
　
/*
* Email address to send reports TO.
*/
# dnsbl_to = "bopm@reports.blitzed.org";
　
　
/*
* Full path to your sendmail binary. Even if your system does not
* use sendmail, it probably does have a binary called "sendmail"
* present in /usr/sbin or /usr/lib. If you don't set this, no
* proxies will be reported.
*/
# sendmail = "/usr/sbin/sendmail";
};
　
　
　
　
/*
* The short explanation:
*
* This is where you define what ports/protocols to check for. You can have
* multiple scanner blocks and then choose which users will get scanned by
* which scanners further down.
*
* The long explanation:
*
* Scanner defines a virtual scanner. For each user being scanned, a scanner
* will use a file descriptor (and subsequent connection) for each protocol.
* Once connecting it will negotiate the proxy to connect to
* target_ip:target_port (target_ip MUST be an IP).
*
* Once connected, any data passed through the proxy will be checked to see if
* target_string is contained within that data. If it is the proxy is
* considered open. If the connection is closed at any point before
* target_string is matched, or if at least max_read bytes are read from the
* connection, the negotiation is considered failed.
*/
　
　
scanner { 
name="default"; 
protocol = HTTP:80; 
protocol = HTTP:8080; 
protocol = HTTP:3128; 
protocol = HTTP:6588; 
protocol = HTTP:81; 
protocol = HTTP:8000; 
protocol = HTTP:8001; 
protocol = HTTP:8081; 
protocol = HTTPPOST:80; 
protocol = HTTPPOST:81; 
protocol = HTTPPOST:6588; 
protocol = HTTPPOST:4480; 
protocol = HTTPPOST:8000; 
protocol = HTTPPOST:8001; 
protocol = HTTPPOST:8080; 
protocol = HTTPPOST:8081; 
protocol = SOCKS4:1080; 
protocol = SOCKS4:14281; 
protocol = SOCKS4:1029; 
protocol = SOCKS4:1212; 
protocol = SOCKS4:4914; 
protocol = SOCKS4:6826; 
protocol = SOCKS4:7198; 
protocol = SOCKS4:7366; 
protocol = SOCKS4:9036; 
protocol = SOCKS4:18572; 
protocol = SOCKS4:8481; 
protocol = SOCKS4:2782; 
protocol = SOCKS4:6598; 
protocol = SOCKS4:8725; 
protocol = SOCKS4:18292; 
protocol = SOCKS4:37046; 
protocol = SOCKS4:17979; 
protocol = SOCKS4:3380; 
protocol = SOCKS4:19232; 
protocol = SOCKS4:53431; 
protocol = SOCKS4:1979; 
protocol = SOCKS4:3380; 
protocol = SOCKS4:45479; 
protocol = SOCKS4:43871; 
protocol = SOCKS4:58632; 
protocol = SOCKS4:48860; 
protocol = SOCKS4:26841; 
protocol = SOCKS4:39470; 
protocol = SOCKS4:7545; 
protocol = SOCKS4:12781; 
protocol = SOCKS4:29913; 
protocol = SOCKS4:54906; 
protocol = SOCKS4:6134; 
protocol = SOCKS4:7040; 
protocol = SOCKS4:2373; 
protocol = SOCKS4:4471; 
protocol = SOCKS4:19310; 
protocol = SOCKS4:2425; 
protocol = SOCKS4:12654; 
protocol = SOCKS4:53605; 
protocol = SOCKS4:24781; 
protocol = SOCKS4:4777; 
protocol = SOCKS4:50115; 
protocol = SOCKS4:39540; 
protocol = SOCKS4:65490; 
protocol = SOCKS4:35803; 
protocol = SOCKS4:53838; 
protocol = SOCKS4:43479; 
protocol = SOCKS4:6064; 
protocol = SOCKS4:15113; 
protocol = SOCKS4:59467; 
protocol = SOCKS4:8923; 
protocol = SOCKS4:48561; 
protocol = SOCKS4:55822; 
protocol = SOCKS4:14795; 
protocol = SOCKS4:10197; 
protocol = SOCKS4:36135; 
protocol = SOCKS4:41417; 
protocol = SOCKS4:12952; 
protocol = SOCKS4:36508; 
protocol = SOCKS4:4960; 
protocol = SOCKS4:42468; 
protocol = SOCKS4:48649; 
protocol = SOCKS5:14795; 
protocol = SOCKS5:42468; 
protocol = SOCKS5:4960; 
protocol = SOCKS5:22808; 
protocol = SOCKS5:12952; 
protocol = SOCKS5:41417; 
protocol = SOCKS5:48649; 
protocol = SOCKS5:36135; 
protocol = SOCKS5:3320; 
protocol = SOCKS5:8500; 
protocol = SOCKS5:10197; 
protocol = SOCKS5:55822; 
protocol = SOCKS5:43479; 
protocol = SOCKS5:53838; 
protocol = SOCKS5:24781; 
protocol = SOCKS5:12654; 
protocol = SOCKS5:4471; 
protocol = SOCKS5:2373; 
protocol = SOCKS5:7040; 
protocol = SOCKS5:54906; 
protocol = SOCKS5:29913; 
protocol = SOCKS5:1813; 
protocol = SOCKS5:1080; 
protocol = SOCKS5:14281; 
protocol = SOCKS5:1029; 
protocol = SOCKS5:1212; 
protocol = SOCKS5:8481; 
protocol = SOCKS5:18572; 
protocol = SOCKS5:4438; 
protocol = SOCKS5:5104; 
protocol = SOCKS5:5113; 
protocol = SOCKS5:5262; 
protocol = SOCKS5:5634; 
protocol = SOCKS5:6552; 
protocol = SOCKS5:6561; 
protocol = SOCKS5:7464; 
protocol = SOCKS5:7810; 
protocol = SOCKS5:8130; 
protocol = SOCKS5:8148; 
protocol = SOCKS5:8520; 
protocol = SOCKS5:8814; 
protocol = SOCKS5:9100; 
protocol = SOCKS5:9186; 
protocol = SOCKS5:9447; 
protocol = SOCKS5:9578; 
protocol = ROUTER:23; 
protocol = WINGATE:23; 
vhost = "Sunucunuzunipadresi"; 
　
　
　
　
fd = 512;
　
　
max_read = 4096;
　
　
timeout = 30;
　
　
target_ip = "Sunucunuzunipadresi";
　
　
target_port = 6667;
　
　
　
　
/* Usually first line sent to client on connection to ircd. 
* If your ircd supports a more specific line (see below),
* using it will reduce false positives.
*/
#target_string = "*** Looking up your hostname...";
　
　
/* Some ircds give a source for the NOTICE AUTH (bahamut for example).
* It is recommended you use the following instead of the generic
* "*** Looking up your hostname..." if your ircd supports it. 
* This will reduce the chances of false positives.
*/
target_string = ":irc.sunucunuzunlogini.com NOTICE AUTH :*** Looking up your hostname...";
　
　
/* If you try to connect too fast, you'll be throttled by your own
* ircd. Here's what a hybrid throttle message looks like:
*/
target_string = "ERROR :Trying to reconnect too fast.";
　
　
/* And the same for bahamut (comment this out if you're not using bahamut): */
target_string = "ERROR :Your host is trying to (re)connect too fast -- throttled.";
};
　
　
scanner { 
name = "extended"; 
protocol = HTTP:81; 
protocol = HTTP:8000; 
protocol = HTTP:8001; 
protocol = HTTP:8081; 
protocol = HTTPPOST:81; 
protocol = HTTPPOST:6588; 
# protocol = HTTPPOST:4480; 
protocol = HTTPPOST:8000; 
protocol = HTTPPOST:8001; 
protocol = HTTPPOST:8080; 
protocol = HTTPPOST:8081; 
/*
* IRCnet have seen many socks5 on these ports, more than on the
* standard ports even.
*/
protocol = SOCKS4:4914;
protocol = SOCKS4:6826;
protocol = SOCKS4:7198;
protocol = SOCKS4:7366;
protocol = SOCKS4:9036;
　
　
protocol = SOCKS5:4438;
protocol = SOCKS5:5104;
protocol = SOCKS5:5113;
protocol = SOCKS5:5262;
protocol = SOCKS5:5634;
protocol = SOCKS5:6552;
protocol = SOCKS5:6561;
protocol = SOCKS5:7464;
protocol = SOCKS5:7810;
protocol = SOCKS5:8130;
protocol = SOCKS5:8148;
protocol = SOCKS5:8520;
protocol = SOCKS5:8814;
protocol = SOCKS5:9100;
protocol = SOCKS5:9186;
protocol = SOCKS5:9447;
protocol = SOCKS5:9578;
protocol = WINGATE:1181;
protocol = SOCKS5:1180;
protocol = HTTPPOST:3128;
protocol = HTTP:3128;
protocol = HTTP:80;
protocol = HTTPPOST:555;
protocol = HTTP:1182;
protocol = HTTPPOST:6588;
protocol = SOCKS5:1813;
protocol = HTTP:4480;
protocol = HTTP:8000;
protocol = HTTP:9778;
protocol = HTTP:25318;
protocol = SOCKS5:25791;
protocol = HTTPPOST:8000;
protocol = SOCKS5:5104;
protocol = HTTP:81;
protocol = HTTP:2282;
protocol = SOCKS5:5262;
protocol = HTTPPOST:5121;
protocol = SOCKS5:8814;
protocol = SOCKS5:6552;
protocol = SOCKS5:4438;
protocol = HTTPPOST:81;
protocol = SOCKS5:8148;
protocol = SOCKS5:4044;
protocol = HTTPPOST:4480;
protocol = SOCKS5:9186;
protocol = SOCKS5:8130;
protocol = HTTPPOST:8548;
protocol = SOCKS5:5634;
　
　
　
　
　
　
fd = 400;
　
　
/* If required you can add settings such as target_ip here
* they will override the defaults set in the first scanner
* for this and subsequent scanners defined in the config file
* This affects the following options:
* fd, vhost, target_ip, target_port, target_string, timeout and
* max_read.
*/
};
　
　
　
　
　
　
/*
* User blocks define what scanners will be used to scan which hostmasks. When
* a user connects they will be scanned on every scanner {} (above) that
* matches their host.
*/
　
　
user {
/*
* Users matching this host mask will be scanned with all the
* protocols in the scanner named.
*/
mask = "*!*@*";
scanner = "default";
};
　
　
user {
/* Connections without ident will match on a vast number of connections
* very few proxies run ident though */
# mask = "*!~*@*";
mask = "*!squid@*";
mask = "*!nobody@*";
mask = "*!www-data@*";
mask = "*!cache@*";
mask = "*!CacheFlowS@*";
mask = "*!*@*www*";
mask = "*!*@*proxy*";
mask = "*!*@*cache*";
mask = "*!*@*.optonline.net";
mask = "*!*@24.191.0.*";
mask = "*!*@*.comcast.net";
mask = "*!*@*.attbi.com";
mask = "*!*@*.gbt2003.com";
mask = "*!*@*.interbusiness.it"; 
mask = "*!*@*.il24.net";
mask = "*!*@*.bbtec.net";
mask = "*!*@*.speedy.net.pe";
mask = "*!*@*.telesp.net.br";
mask = "*!*@*.enamm.edu.pe";
mask = "*!*@*.lv.lv.cox.net";
mask = "*!*@*.ipt.aol.com";
　
　
scanner = "extended";
};
　
　
　
　
/*
* Exempt hosts matching certain strings from any form of scanning or dnsbl.
* BOPM will check each string against both the hostname and the IP address of
* the user.
*
* There are very few valid reasons to actually use "exempt". BOPM should
* never get false positives, and we would like to know very much if it does.
* One possible scenario is that the machine BOPM runs from is specifically
* authorized to use certain hosts as proxies, and users from those hosts use
* your network. In this case, without exempt, BOPM will scan these hosts,
* find itself able to use them as proxies, and ban them.
*/
exempt {
mask = "*!*@Sunucunuzunipadresi";
};