Top Page
tarpit checks Japanese Page

tarpit checks

Python filter daemon to prevent to duplicate tarpitting.

download
source archive


2011/06/21 Create
This is Postfix filter tools to prevent to duplicate tarpitting.

usage: tarpit_checks.py

[--sleep=N(default:65(sec))] tarpit time
[--check_port=N(default:60001)] check for smtpd_recipient_restrictions(or etc)
[--store_port=N(default:60002)] store for smtpd_data_restrictions(or etc)
[--cmd_port=N(default:60003)] del=entry/check=entry/all/info (N == 0 means disabled)
[--bind_host=host(default:localhost)] for check_port, store_port, cmd_port
[--addr_mask=nbits(default:24)] IP address grouping for DB key
[--threshold=N(default:1(times))] threshold count for untarpit
[--db=path(default:"/etc/postfix/tarpit_checks.db")]

localhost:60001 is query port for tarpitting
localhost:60002 is register port for untarpitting
localhost:60003 is command port for maintenance DB



Usage: (from tarpit_check.py's header) 
# example)
# =================================================================
#  main.cf
# -----------------------------------------------------------------
#  smtpd_restriction_classes = tarpit_checks (, other_classes...)
#  tarpit_checks = check_policy_service inet:127.0.0.1:60001
#
#  # you can use smtpd_client_restrictions instead of
#  #  smtpd_data_restrictions, if smtpd_delay_reject = no.
#  #
#  smtpd_data_restrictions = permit_mynetworks
#    # permit and reject lines (permit_sasl_authenticated, or etc...)
#             :
#    check_client_access regexp:/etc/postfix/tarpit_checks
#
#  smtpd_end_of_data_restrictions = permit_mynetworks
#    # permit and reject lines (permit_sasl_authenticated, or etc...)
#             :
#    check_policy_service  inet:60002
#
#
# =================================================================
#  /etc/postfix/tarpit_checks
# -----------------------------------------------------------------
#  *** WHITE LIST ***
#  /a\.example\.com$/    DUNNO
#      :
#  *** BLACK LIST ***
#  /b\.example\.com$/    DUNNO
#      :
#  *** tarpit (all host) ***
#  /.*$/                 tarpit_checks
#      :
#
#
# =================================================================
#  /etc/rc.local
# -----------------------------------------------------------------
#      :
#  /usr/bin/python /etc/postfix/tarpit_checks.py
#
#
# =================================================================
#  maintenance commands (check='ipaddr', del='ipaddr', info, all)
# -----------------------------------------------------------------
# % telnet 60003
# Trying 127.0.0.1...
# Connected to localhost.
# Escape character is '^]'.
# check=10.10.10.10
# 10 objs
#

..up menu