From owner-freebsd-questions@FreeBSD.ORG Wed Apr 28 07:01:06 2010 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id AEE731065670 for ; Wed, 28 Apr 2010 07:01:06 +0000 (UTC) (envelope-from m.seaman@infracaninophile.co.uk) Received: from smtp.infracaninophile.co.uk (smtp.infracaninophile.co.uk [81.187.76.162]) by mx1.freebsd.org (Postfix) with ESMTP id 1F4718FC12 for ; Wed, 28 Apr 2010 07:01:05 +0000 (UTC) Received: from seedling.black-earth.co.uk (seedling.black-earth.co.uk [81.187.76.163]) (authenticated bits=0) by smtp.infracaninophile.co.uk (8.14.4/8.14.4) with ESMTP id o3S6xjUq065129 (version=TLSv1/SSLv3 cipher=DHE-RSA-CAMELLIA256-SHA bits=256 verify=NO); Wed, 28 Apr 2010 07:59:46 +0100 (BST) (envelope-from m.seaman@infracaninophile.co.uk) Message-ID: <4BD7DCE1.9070004@infracaninophile.co.uk> Date: Wed, 28 Apr 2010 07:59:45 +0100 From: Matthew Seaman Organization: Infracaninophile User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; en-US; rv:1.9.1.9) Gecko/20100317 Thunderbird/3.0.4 MIME-Version: 1.0 To: John References: <20100427193106.GA91570@elwood.starfire.mn.org> In-Reply-To: <20100427193106.GA91570@elwood.starfire.mn.org> X-Enigmail-Version: 1.0.1 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 7bit X-Virus-Scanned: clamav-milter 0.96 at happy-idiot-talk.infracaninophile.co.uk X-Virus-Status: Clean X-Spam-Status: No, score=-1.1 required=5.0 tests=BAYES_00,DKIM_ADSP_ALL, SPF_FAIL autolearn=no version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on happy-idiot-talk.infracaninophile.co.uk Cc: freebsd-questions@freebsd.org Subject: Re: Really simple spam trap - /dev/pf permissions? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 28 Apr 2010 07:01:06 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 27/04/2010 20:31:06, John wrote: > I have done a monkey-simple spam trap. It just so happens that I have > a dozen or more user accounts that haven't been actually used in over five > years and get dozens of spam hits every day. I had been just sending > them all to /dev/null with a sendmail alias. > > It seems to me that these are perfect trap e-mails for spam, and > in the course of playing with what I'm attempting to do, it really > does look that the only thing that hits them are spam messages. > > So, I built this really simple perl script, which gets invoked through > a sendmail alias, as such: > sink: "| /home/john/spamsink >> /tmp/blacklist" > and then I alias various of the old, dead accounts to "sink". Check out the mail/spamd port -- it does what you want, and more besides. The keyword is 'greytrapping' Also, as it works against the host that connects to your server, rather than anything in the message headers (probably forged by the spammers) it's much better targeted. Oh, and the action on discovered spammers is not simply to block their access, but to engage them in a long drawn out and ultimately futile SMTP coversation, thus wasting their resources and giving them a generally bad day. Cheers, Matthew - -- Dr Matthew J Seaman MA, D.Phil. 7 Priory Courtyard Flat 3 PGP: http://www.infracaninophile.co.uk/pgpkey Ramsgate Kent, CT11 9PW -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.14 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAkvX3OEACgkQ8Mjk52CukIzb2ACdG523qc8D90mB1M5/ixxcotlk LXsAn35ruIpvNVC3UkSxItADOVVbL0JO =FIpU -----END PGP SIGNATURE-----