New Milter coming

Dennis Willson taz at taz-mania.com
Tue Nov 28 19:39:24 GMT 2006


I have been writing a milter I call milter-spamtrap. It allows an 
active sendmail server to also be a spamtrap or honeypot. 

You can have email addresses within a domain that is actually used for 
real users or dedicate entire domains or any combination of both as 
your honeypots.

Upon receiving an email for an email address defined as a 
honeypot/SpamTrap, the milter will log the IP address and optionally 
the headers and/or body of the email in either a text file or to a 
MySQL database or both. It can cache in memory the IP addresses of 
offending servers and from then on block them upon connection.

A future enhancement will be to scan the database via a cron job and 
create a DNSBL zone file for publishing a blacklist. The saved 
headers/body can be used as evidence as to why a server was 
blacklisted. Many, many configurable options including Whitelisting 
via CIDR block so some servers will never be listed as an offending 
server if you want.

I believe I will have it ready for Beta (although I am testing/using 
it myself right now) sometime next week. I'm 'pre-announceing' so that 
if there is any interest I will package it for others to use and make 
it available and I need to do additional documenation if others are 
going to use it. If there's no interest I will just use it myself.

--------------------------------------------------
Dennis Willson

taz at taz-mania.com
http://www.taz-mania.com

Ham (Extra Class): ka6lsw
Scuba: Rescue Diver, EANx, Wreck, Night, Alt, Equip, UW Photographer, 
Gas Blender

Owner: Kepnet Internet Services

Life should not be a journey to the grave with the intention of 
arriving safely in a nice looking and well preserved body, but rather 
to skid in broadside, thoroughly used up, totally worn out, and loudly 
proclaiming, "WOW! WHAT A RIDE!"


More information about the MailScanner mailing list