Spamblocker Home Page

DESCRIPTION

Spamblocker is a set of tools written for UNIX / Linux, to periodicaly scan mail log files of sendmail or exim to detect spammers and block them via configuration update of the MTA.

Spamblocker extracts all the sender ip addresses, where the mail agent returned the "User unknown" error three times and more (this value may be adapted in the spamblocker.h file under SPAMLEVEL). The ip addresses are stored in a temporary block file, which will be deleted via crontab every day. This file is defined in the script spamblocker.sh and is by default /tmp/spamblocker.reject Spamblocker uses this temporary block file and updates the access configuration of the running MTA.

If spamblocker is run the first time, it scans the entire mail log. With every subsequent launch of spamblocker, it starts sanning of the mail log file at the point where it finished the last run. If the line at the file position does not match the last scanned line in the previous run (i.e. after log rotation of the system), spamblocker restarts scanning from the beginning of the file. Spamblocker stores these informations int the file /var/cache/spamblocker/spamblocker.dat

The core programm of spamblocker is written in C and extracts the ip's very fast, even on big log files and is therefore adapted for mail servers with large mail traffic.

DOWNLOAD

You may download the latest spamblocker version at the following address:

http://vale.thus.ch/software/spamblocker.tar.gz

INSTALL

To install spamblocker on a Debian Linux, follow these steps: 

1.) tar xvfz spamblocker.tar.gz
2.) cd spamblocker
3.) make
4.) make deb
5.) dpkg -i spamblocker_0.2-0_all.deb

To install spamblocker on another Linux, follow these steps: 

1.) tar xvfz spamblocker.tar.gz
2.) cd spamblocker
3.) make
4.) make install

After installation, spamblocker has an entry in the /etc/crontab file, which starts spamblocker every five minutes with the default configuration in /etc/spamblocker.conf.

CONFIGURATION

The configuration is almost entirely done in the /etc/spamblocker.conf file. The configuration items are all described there.

Spamblocker comes with a default configuration for sendmail. It uses the /var/log/mail file as mail log and updates the access file /etc/main/access.db via makemap and hash class type.

You may alter the configuration for your needs.

USAGE

Spamblocker is a daemon that should be started with the following command: 

/etc/init.d/spamblocker start

UNINSTALL

If you installed spamblocker on a Debian Linux, it is sufficient to call "apt-get remove spamblocker" to remove everything cleanly.

If you installed spamblocker on another Linux System, you have to remove the following files manually. 

/usr/sbin/spamblocker          binary, extracts spammer ip's from given
                               mail log.
/usr/sbin/spamblocker.sh       script that launches the binary and updates
                               MTA configuration periodically
/etc/init.d/spamblocker        starts/stops the spamblocker
/etc/spamblocker.conf          configuration file
/etc/cron.daily/spamblocker    cron script which deletes temporary block
                               file and rotates spamblocker log files

Bug reports

Please report any bugs to Valentin Koch.
Valentin Koch
Last modified: Mon Mar 22 16:05:37 CET 2004