Help-Site Computer Manuals
Software
Hardware
Programming
Networking
  Algorithms & Data Structures   Programming Languages   Revision Control
  Protocols
  Cameras   Computers   Displays   Keyboards & Mice   Motherboards   Networking   Printers & Scanners   Storage
  Windows   Linux & Unix   Mac

SyslogScan::Daemon::SpamDetector::SpamSink
notice messages sent to a honeypot

SyslogScan::Daemon::SpamDetector::SpamSink - notice messages sent to a honeypot


NAME


 SyslogScan::Daemon::SpamDetector::SpamSink - notice messages sent to a honeypot


SYNOPSIS


 plugin SyslogScan::Daemon::SpamDetector as sd_

 sd_plugin SyslogScan::Daemon::SpamDetector::SpamSink

        debug 0

        logfile /var/log/mail.info


DESCRIPTION

Watch the system log files for message sent to spam honeypots.

It looks for the following kind of message line:


 $Date \S+ spamsink: Message-I[dD]: <.*?>

Lines like this can be generate by forwarding mail to a program like:


 #!/bin/sh 

 perl -e '

        $x = <>; 

        while (<>) { 

                last if /^$/; 

                next unless /^(Message-I[dD]: .*)/; 

                $y = $1; 

        } 

        print "$y\n" 

                if      $x =~ /\@/ 

                        && $y =~ /\@/ 

                        && $x !~ /mailer-daemon/i 

                        && $x !~ /postmaster/ ; 

 ' | /usr/bin/logger -p mail.info -t spamsink


CONFIGURATION PARAMETERS

The following configuration parameters are supported:

debug
Debugging on (1) or off (0).

logfile
Which logfile to watch (default: /var/log/syslog).


SEE ALSO

the SyslogScan::Daemon::SpamDetector manpage


THANK THE AUTHOR

If you need high-speed internet services (T1, T3, OC3 etc), please send me your request-for-quote. I have access to very good pricing: you'll save money and get a great service.


LICENSE

Copyright(C) 2006 David Muir Sharnoff <muir@idiom.com>. This module may be used and distributed on the same terms as Perl itself.

Programminig
Wy
Wy
yW
Wy
Programming
Wy
Wy
Wy
Wy