one last thing (was: Re: [Spambayes] Ann: A SpamBayes Teergruber
(fights back against spammers))
David McNab
david at rebirthing.co.nz
Sun Aug 17 15:46:52 EDT 2003
If you want to see mtaproxy in action, point your MUA or MTA at
freenet.org.nz
Cheers
David
On Mon, 2003-08-18 at 02:42, David McNab wrote:
> A couple of additional notes:
>
> 1) I haven't found a way to get hammiefilter.py to archive the messages
> it filters (so that I can train spambayes via the web interface).
>
> 2) when forwarding non-spam messages to the mta, mtaproxy does not add
> the spambayes headers
>
> 3) If you want to use the web interface for training, you need to run
> the spambayes pop3server (with the smtp server settings empty, so as not
> to run an smtp proxy). Then, you'll be able to train via the web
> interface (which I find the most convenient).
>
> 4) Yes - I know - with this scheme, messages end up going through
> spambayes twice - once through hammiefilter.py, and once via the pop3
> proxy. But it gave me the fastest way to get things running easily.
> Suggestions and ideas welcome.
>
> Cheers
> David
>
>
> On Mon, 2003-08-18 at 02:33, David McNab wrote:
> > Hi folks,
> >
> > I spent most of this fine Sunday hacking up a teergruber for SpamBayes.
> >
> > http://www.freenet.org.nz/python/mtaproxy
> >
> > Q. What's a 'teergrube'?
> > A. A teergrube (german for 'tarpit') is a program which causes spammers'
> > mail servers to grind to a virtual halt, by sending back incomplete SMTP
> > response lines. If there are enough teergrubes around the world,
> > spammers will go broke.
> > see http://www.iks-jena.de/mitarb/lutz/usenet/teergrube.en.html
> >
> > my little script, mtaproxy.py, is intended to be launched in place of
> > your usual MTA.
> >
> > mtaproxy.py is an SMTP server which listens on port 25, accepts incoming
> > connections, talks SMTP to the MTA or MUA on the other end, receives the
> > headers and data. It pipes the data through SpamBayes'
> > 'hammiefilter.py', and extracts the 'X-Spambayes-Classification' header
> > to see what SpamBayes thinks of it.
> >
> > If SpamBayes decides the message is spam, mtaproxy goes into a mode of
> > drip-feeding SMTP responses back to the spammer's MTA. After a
> > designated 'torture time' (set as a config option), mtaproxy finally
> > sends back a 550 error code.
> >
> > Also, mtaproxy logs the complete spam message, prepended with headers
> > containing the IP address of the spammer's MTA and the time of the
> > incident (in GMT), plus the full message - which should be enough to
> > support a complaint to the spammer's ISP should you so desire.
> >
> > On the other hand, if SpamBayes rules 'ham' or 'unsure', mtaproxy fires
> > up your MTA in 'stdio mode' (ie, as if launched by inetd), and conducts
> > an SMTP session to get the mail delivered normally.
> >
> > I've written mtaproxy to use Exim, since that's the MTA I use (debian).
> > But if you use sendmail or another MTA, then you shouldn't have any
> > trouble if you just configure mtaproxy with a command that launches your
> > MTA in stdio-mode (ie receiving commands and sending responses via
> > standard input and output streams, instead of via sockets).
> >
> > The script seems to be working fine for me - but I release it here with
> > the usual alpha-code warnings - don't trust this until you've supervised
> > it with console logging enabled.
> >
> > Enjoy!
> >
> >
> > Cheers
> > David
> >
> >
> > _______________________________________________
> > Spambayes mailing list
> > Spambayes at python.org
> > http://mail.python.org/mailman/listinfo/spambayes
--
Kind regards
David
--
leave this line intact so your email gets through my junk mail filter
More information about the Spambayes
mailing list