The sys admin's (and the professor's) daily grind: Do-it-yourself antispam blacklists

Garbage Incinerator

Article from Issue 99/2009
Author(s): , Author(s):

At the Niederrhein University future admins implement spam defense mechanisms by attracting the attention of the Viagra Mafia. The results are pertinacious blacklists and expert knowledge of methods for combating the menace.

A project at Niederrhein University [1], Krefeld, Germany, prepares students for their working lives, teamwork, and the daily madness, part of which is the inflationary emergence of spam. Spam can be fought by the use of various methods, and one of them is the spam blacklist (SBL). Now students at the university are working on implementing and maintaining an SBL.

Following the idea of "Fight Spam with Spam," we deliberately set up IMAP and POP3 mail accounts that were not protected from spam. The accounts acted as honeypots to catch spam mail. To attract spammers, the students spread the honeypot email addresses as widely as they could. To do so, they ignored all the rules concerning responsible use of email addresses and published the addresses on websites in social networks; they also posted in test newsgroups such as de.test and visited the darkest corners of the web they could find.

It didn't take long to achieve satisfactory results: The accounts soon filled up with tons of spam. The students' assignment was to set up a system to determine the origin of the incoming messages as quickly as possible (by identifying the IP address of the sending server) and to add the spam to the blacklist for a defined period of time.

[...]

Use Express-Checkout link below to read the full article (PDF).

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES
Print Issues
Digital Issues
 
SUBSCRIPTIONS
Print Subs
Digisubs
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Charly's Column

    The Postfix Policyd plugin fights spam using techniques such as greylisting, source detection, volume measurements, blacklisting, and HELO rotation detection.

    more »
  • Bot_Attack

    While going about his normal duties, Linux Magazine author Charly Kühnast was hit with a mean attack. Charly’s separate anti-spam server, which sits in front of his mail server, saved him from the mail storm.

    more »
  • SpamAssassin

    Even if you do not have a mail server of your own, SpamAssassin can help you filter out unsolicited junk mail. This article describes how SpamAssassin collaborates with Evolution and KMail. Thunderbird, on the other hand, has its own simple spam-detection feature.

    more »
  • KTools: Spam Filter

    The CRM114 filter program, which is integrated with KMail, helps fight spam in POP3 and IMAP mailboxes. Because this flexible filter does not require server-side changes, it is a good choice for users without root access to their mail servers.

    more »
  • Charly’s Column: SendmailAnalyzer

    During the ongoing battle against spam, admins should inspect their troop’s battle lines from time to time. If you don’t relish the thought of counting the dinnerware, you can use the services of a logfile inspector like SendmailAnalyzer, which works surprisingly well with Postfix and the like.

    more »
comments powered by Disqus
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters

Support Our Work

Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.

Learn More

News

Tag Cloud

Administration Community Desktop Events Hardware Linux Mobile Programming Security Software Ubuntu Web Development Windows free software open source