Ok, “ClueBringer” has some problems but it’s neat.

by Nick on Aug.10, 2009, under E-Mail, News

Spam is fun. Watching spammers in action is even more fun. Via a friend, I have a very old domain that for which I handle mail. Since only one address is legitimate, it’s easy to use a wild card alias to catch and analyze spam. I implemented some Policies via Policyd2, aka “ClueBringer” (linux kids are cute, aren’t they?) Basically, I added a 20/hour recipient quota, and a 5/hour /24 based sender quota, hoping to bounce a few messages. It never happens. The bot network that sends these messages implements a simple, but effective interpolation scheme where the same address NEVER receives mail from the same ip address, and it always jumps /24s after 2 messages. It’s fascinating to watch.

Posts Related to Ok, "ClueBringer" has some problems but it's neat.

Greylisting…Again
Certain...Parties... Have intoned I am goofy for implementing weird "mail bouncy thing" that is sometimes frustrating and is a silly anti-spam technique. Well, that would ...
Let’s Try This.
So, some of my users are avid World of Warcraft players. They've been complaining that they keep getting phishing schemes in their email accounts. Since ...
SpamAssassin
Spam is the bane of all email servers and services. As I wrote in my email entry, I use Maia, which is a frontend to ...
Chronophage E-mail Settings
I host mail for a few friends and family. I use Postfix as my MTA with Dovecot as my SASL/LDA/POP/IMAP server. Users are authenticated via ...
Postfix MySQL and You!
Postfix is surprisingly flexible. When I initially set it up two years ago, I set it up to reference a database, but I had a ...

:anti-spam, E-Mail, Software

RSS feed for this post (comments)TrackBack URI

Time Devourer
Welcome to my blog. I'm sure it's just like any other blog except for one important difference, it's mine.
You can also subscribe by email by filling the field below:
Static Pages of the Damned
Are you using IPv6?
http://ipv6.chronophage.net
Asteroids!
Feel free to participate in the editioral process of this blog.
WSAD or Arrow keys to fly.
Spacebar to shoot!
By Eric and Erik
Tagalicious
6to4 advocacy anti-spam anti-virus apache bash comics DNS dovecot E-Mail Education Funny Hardware ipv6 joke linux mail Networking php pop-imap postfix Programming Quotes Security shell Software teredo ugly Uncategorized UNIX UNIX 101 virtulization VMware web webmail
Subscribe to blog.chronophage.net via Email

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

What I’m doing…
- RT @NewsCut: Hmmmm. A 9-7 team won the Super Bowl? It's almost as if the Patriots are deeply flawed and overrated. 13 hours ago
- Apparently Josephine looks like me in this picture. http://t.co/rIb98Kbb 2 days ago
- Here, There Be Storage Related Dragons...: http://t.co/HZZVHvCZ 2 days ago
- RT @KenJennings: The new job numbers look so good for Obama that Romney might just have to go fire 10,000 more people. 2 days ago
- All one server, 98% Idle CPU. Behold the power of caching! I may have overbuilt my personal web cluster a bit ;) http://t.co/3y7auH8r 3 days ago
Google Stats

3
Unique
Visitors
Powered By

On Jabber?

Chronophage.net Blog