Ulrich Kautz > Mail-Decency > Mail::Decency::Policy::Honeypot

Download:
Mail-Decency-0.1.6.tar.gz

Dependencies

Annotate this POD

View/Report Bugs
Source  

NAME ^

Mail::Decency::Policy::Honeypot

CONFIG ^

    ---
    
    disable: 0
    
    # attention: enabling this is a good idea if you want thos obvious
    #   spammy mails for later training with your spam filters.
    #   however, if you forget to handle the content filter side with
    #   the Honeycollect module, the mails might just pass to where they
    #   should not: the recipient.
    pass_for_collection: 1
    
    
    # time to live .. for maintenance
    maintenance_ttl: 14d
    
    # list of addresses
    addresses:
        # all incoming mails to those recipients go directly to the blacklist
        - some@address.tld
        - another@domain.tld
    
    # list of domains used for building the blacklist
    domains:
        
        # all incoming mails for this recipient domain
        - spamlover.tld
        
        # use the whoe domain, but some real existing users
        -
            domain: somedomain.tld
            exceptions:
                - realuser
                - anotheremail

DESCRIPTION ^

Honeypot facility. All hosts sending mails to a list of provided recipient emails and/or domains will be rejected and added to a blacklist. Later on, this blacklist will be used for rejected any other mails

DATABASE ^

    CREATE TABLE honeypot_client_address (
        id INTEGER PRIMARY KEY,
        client_address varchar( 39 ),
        created INTEGER
    );
    CREATE UNIQUE INDEX honeypot_client_address_uk ON honeypot_client_address( client_address );
    CREATE INDEX honeypot_client_created_idx ON honeypot_client_address( created );

CLASS ATTRIBUTES ^

addresses : HashRef[Bool]

List of addresses used as honeypot targets

domains : HashRef[Bool]

List of (FULL) domains used as honeypot targets

reject_message : Str

Reject message, if an IP was already on the honeypot blacklist.

Default: "Your host ip is blacklisted"

welcome_message : Str

Reject message, which will be thrown if a new IP is welcomed on the blacklist.

Default: "The honey has been served."

negative_cache : Bool

If enabled: negative answers (not on blacklist) will be stored, too.

pass_for_collection : Bool

If enabled: Do not reject honeypot mails, but flag them so that they can be collected via Mail::Decency::ContentFilter::HoneyCollector

schema_definition : HashRef[Bool]

List of addresses used as honeyport targets

METHODS ^

init

handle

client_blacklisted

Check wheter client is blacklisted.. first in cache, then in database

add_to_blacklist

Add some ip to the blacklist

go_final_state

Overwrite parent mehtod, go only in a final reject state if "pass_for_collection" is 0, otherwise go in final accept, but set flag (for Honeycollector in content filters..)

maintenance

Called by policy server in maintenance mode. Cleans up outdated entries in honeypot database

AUTHOR ^

Ulrich Kautz <uk@fortrabbit.de>

COPYRIGHT ^

Copyright (c) 2010 the "AUTHOR" as listed above

LICENCSE ^

This library is free software and may be distributed under the same terms as perl itself.

syntax highlighting: