Integrating the DCC into a honeypot?

Ken Herron kjh-4275@attbi.com
Wed May 22 14:06:27 UTC 2002


Howdy folks,

I set up my home system as a honeypot a while back, and some spammers 
finally discovered it.  For the past few days I've had a couple of 
spammers submitting messages to my "open" relay. Now I'm looking for some 
advice on the simplest way to report these messages to the DCC.

My first thought was milter, but that doesn't seem to pan out. I'm doing 
this on Red Hat Linux v7.2, using the sendmail 8.11.6 they supply. 
Apparently this version doesn't include the milter feature. Further, I 
didn't see a dccm feature like dccproc's "-t many" feature to explicitly 
report something as spam.

This leaves me with the spool files that sendmail creates to store each 
message. I'm thinking of scripting something to check the spool every so 
often and feed new messages into dccproc. Can I just feed the body of a 
message directly into dccproc, or would it be necessary to reconstruct 
the message headers as well?

Any other thoughts on the subject?
-- 
Ken Herron



More information about the DCC mailing list

Contact vjs@rhyolite.com by mail or use the form.