spamhammerd – give spammers the meathammer in real time

Original project URL:

http://n0rp.chemlab.org/spamhammer

Original code: Steve J. Kondik (shade at chemlab.org)

This code will monitor a Postfix log and watch for “550” errors (user unknown). After a threshold is reached, the IP generating the excessive errors will be added to the block list. Spammers are sloppy and generally tend to blast everyone on their list at the same time.

This is mostly useless unless used on a high-volume server.

My tiny modifications…

Modified Feb 2007
Changes: Selective parsing for use with combined logs (a single logfile with postfix, amavis, SPF)
Changed error from “550” to “450”
Changed the array index numbers to match the log fields.
Tested on Slackware Linux.
Added iptables blocking.

Usage:
Apply the filter in Postfix’s main.cf (spammers and spammers.db should be created by the script before reloading Postfix):
smtpd_client_restrictions = check_client_access hash:/etc/postfix/generated/spammers
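The counting step described above, as an added Python example (not the spamhammer code from either author): it picks the smtpd “450” rejects out of a combined log, counts them per client IP and renders the access-map text for IPs at or over the threshold. The threshold of 3, the loopback allowlist, the function names and the sample log lines are assumptions constructed for illustration.

```python
import ipaddress
import re
from collections import Counter

# Match only Postfix smtpd 450 rejects; other daemons in the combined log are
# skipped. The IP is taken from the brackets, not the reverse-DNS name.
REJECT_RE = re.compile(
    r"postfix/smtpd\[\d+\]: \S+ reject: RCPT from \S*\[([0-9A-Fa-f.:]+)\]: 450 ")

THRESHOLD = 3  # assumed; the page does not give the script's threshold
NEVER_BLOCK = [ipaddress.ip_network("127.0.0.0/8")]  # assumed allowlist

def _rej(client, code):
    # Build one constructed Postfix reject line for the sample below.
    return ("Feb 12 10:01:01 mx postfix/smtpd[42]: NOQUEUE: reject: RCPT from "
            f"{client}: {code} <a@example.org>: Recipient address rejected: "
            "User unknown in local recipient table")

# Constructed combined log (Postfix and amavis lines), not real traffic.
SAMPLE_LOG = (
    [_rej("unknown[203.0.113.7]", 450)] * 3          # reaches the threshold
    + [_rej("mail.example.net[198.51.100.9]", 450)]  # under the threshold
    + [_rej("unknown[203.0.113.50]", 550)] * 3       # other code, ignored
    + [_rej("localhost[127.0.0.1]", 450)] * 3        # allowlisted
    + ["Feb 12 10:01:02 mx amavis[991]: (00991-01) Passed CLEAN, "
       "[203.0.113.7] <x@example.net> -> <a@example.org>"]  # not smtpd
)

def count_rejects(lines):
    """Return a Counter of 450 rejects per validated client IP."""
    hits = Counter()
    for line in lines:
        m = REJECT_RE.search(line)
        if not m:
            continue
        try:
            ip = ipaddress.ip_address(m.group(1))
        except ValueError:
            continue  # never write an unparsed log field into the map
        if any(ip in net for net in NEVER_BLOCK):
            continue
        hits[str(ip)] += 1
    return hits

def access_map(hits, threshold=THRESHOLD):
    """Render 'IP REJECT' lines for a check_client_access hash map."""
    offenders = sorted(ip for ip, n in hits.items() if n >= threshold)
    return "".join(f"{ip} REJECT\n" for ip in offenders)

if __name__ == "__main__":
    print(access_map(count_rejects(SAMPLE_LOG)), end="")
```

The returned text is the content of the spammers file; the hash: map type in the line above reads the matching spammers.db, which postmap builds from it.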

Modified Code:

http://www.fathersfate.com.mx/wordpress/code/spamhammer.txt