Build your own spamtrap: How to make a spam IP blacklist in 45 minutes

*
Accepted Session
Short Form
Intermediate
Scheduled: Wednesday, June 22, 2016 from 3:45 – 4:30pm in B301

Excerpt

I show how to use Postfix, PowerDNS, Spamassassin, and Python/Flask to trap spam sent to your whole organization (and why you would want such a thing).

Description

Nowadays many people take spam blocking for granted, but antispam is not a solved problem, but a continuous arms race between spammers and the Internet community. Among the tools in our arsenal are DNSBLs, DNS-based blacklists that allow fast, scalable lookups using one of the oldest technologies on the Internet, run by large non-profits and commercial organizations as well as by small hobbyists.

In this workshop I will show how to make one for yourself that uses defunct email addresses as spam traps to feed a DNS blacklist, with a little bit of scripting and some off-the-shelf open source software. We’ll investigate the anatomy of DNS lookups and how antispam tools and mail servers use them for DNSBLs, as well as how to create a tiny web service in Python to accept new spam reports, as well as configuring Spamassassin to use the new DNSBL as a source. Finally, we will examine a couple additional uses for this technique that have very little to do with spam.

Tags

python, flask, spam, antispam, postfix, spamassassin

Speaking experience

I've done commercial consulting for sysadmins, devops teams, and developers on Unix systems administration patterns using open source software for ten years.

Speaker

Leave a private comment to organizers about this proposal