Introduction
I started an academic study ("Implementation of a co-operative anti-spam toolkit") in mid 2006. The main initial idea was to have shared data between several MXes for the same provider.(Refer to MX-record.) Consider the two MXes for domain alfa, α: mx1.domain.α and mx2.domain.α. If both mx1 and mx2 play around same protection mechanisms, they should share the same level of information. Mail attacks, or any spam drop-attempt to mx1 should be known by mx2, and vice-versa.
What I first thought a pretty simple idea, revealed to have multiple applications and points for improvements.
One of the applications for this idea was sharing data using greylistd in a single mxN (called sinlist-server), instead of multiple mx1..N: the system would have data tidy and simultaneously less vulnerable to spam drop attempts.
Anti-spam toolkit overview
The following tools are available for standalone actions:
- gSpamCompare
Analysis of stored emails, and comparing SBLs for some IPs
- gMailKind
Checks MTA connectivity, sends email, and some exercises.
Includes MTA relay checking.
- gSpamDetector
Is still incomplete, but ‘walks’ through an IP or domain.
- gSpamLog
Logs hits on MTAs, checks spam blocking lists and guesses well-behaved and ugly remote servers.
- ‘gSinListd’
A daemon that serves responses to MTAs.
gsinlistd first experimental application was available June 2006.
% cvs log gSinListd.cpp
revision 1.1
date: 2006/06/04 19:07:20; author: henrique; state: Exp;
Still experimental
The first public concept is available at xmtp-sinlist-alfa-07.pdf (mirrored at moreira.dnsalias.org/sinlist/)
No comments:
Post a Comment