
Tantalus v 0.02 - Perl Anti-SPAM Milter

Tantalus is scheduled for integration into the much anticipated V 1.10 release of Mail Master. Buy Mail Master, make your life easier, it's cheap, it's good karma, and it doesn't suck.

Dear sysadmin that hates spammers:

You know those nasty spammers that try to guess every username on your box? Well... I was tired of that. So I wrote this milter.

In a nutshell, this program allows only X wrong email addresses to come from an SMTP server during X amount of time. If a server hits the limit, it gets blocked for X amount of time. (All the X's are configurable by you.)

This program is to be used in conjunction with a spam filter program such as SpamAssassin.

Brian Gannon

PS: Buy Mail Master

Prerequisites:

  • Sendmail::Milter - http://sourceforge.net/projects/sendmail-milter/
  • Perl 5.6.1+ (even 5.8.0) with threads support compiled in...
  • Sendmail with Milter Support compiled in (I'm really serious about this)
  • UNIX ... well... I guess I could say you need RAM, a HD, a working OS and things like that... but you get the picture.
  • This program was tested on Mandrake 9.0... and RH 8.0. Your mileage will vary.
  • MySQL - my guess is this will work on PostgreSQL with some tweaking...
  • DBI - Perl DBI Interface
  • DBD::mysql - Perl Interface for DBI for MySQL

Assumptions:

  • Your Sendmail access file is located at /etc/mail/access
    (if not edit tantalus.pl)
  • Your aliases are located in /etc/aliases, virtusertable in /etc/mail/virtusertable
    (if not, edit validemails.pl)

Files

  • databasesocket.pl - The Database DBI
  • dbwrapper.pm - Perl module tantalus.pl calls to make its DBI calls to databasesocket.pl
  • tantalus.pl - The Mail sendmail milter
  • tester.pl - This will test the dbwrapper.pm to see if everything is A-OK
  • validemails.pl - This generates the validemails.txt file
  • LICENSE - GPL Copyright
  • README - Program Info
  • INSTALL - How to install
  • contrib/tantalus.init
  • contrib/databasesocket.init

Support

If support gets to be a problem, I'll start a mailing list... But for now, email tantalus@linuxmailmanager.com.

How It Works

Let's go through a typical sendmail connection and I'll interject on where things happen:

  • Connect request to mailserver from smtp.cheese.com
  • Sendmail calls tantalus.pl's socket and tells it the hostname
  • Tantalus looks up the access file to see if they're in /etc/mail/relay
  • Tantalus calls the DBWrapper through port 9999 to talk to the database and sends the hostname for checking. It returns whether or not to accept mail from them.
  • Response returned to sendmail (In this example, GOOD)
  • smtp.cheese.com sends MAIL FROM request
  • smtp.cheese.com sends a RCPT TO request
  • Sendmail calls tantalus' milter.
  • Tantalus checks to see if it's a valid email address
  • Tantalus calls the DB wrapper to tell the DB it is a wrong email address.
    • if HITS >= X on that server, DB wrapper returns to deny them
  • Tantalus tells sendmail that these guys are a joke and just ignore them
  • smtp.cheese.com disconnects.
  • smtp.cheese.com tries to reconnect.
    • Tantalus calls DBwrapper to check the hostname.
    • Hostname is denied
  • sendmail tells them to go away.

That's more or less how it happens.
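
The counting and blocking steps from the walkthrough above, as an added Perl example that is not taken from tantalus.pl. It keeps state in in-memory hashes instead of MySQL behind the port 9999 socket; the sub names, thresholds, addresses and the treatment of permaccept hosts are assumptions made for illustration.

```perl
#!/usr/bin/perl
# Added illustration: in-memory model of the per-host wrong-address limit.
# Names and values are hypothetical, not taken from tantalus.pl.
use strict;
use warnings;

my %cfg = (max_hits => 3, window => 600, block_for => 3600);   # the three "X" values
my %permaccept = map { $_ => 1 } ('smtp.trusted.example');     # hosts never blocked
my %valid      = map { $_ => 1 } ('alice@example.org', 'bob@example.org');
my (%hits, %blocked_until);   # host => [miss timestamps], host => epoch seconds

# Connect-time check: may this host talk to us right now?
sub check_host {
    my ($host, $now) = @_;
    return 'ACCEPT' if $permaccept{$host};
    return 'REJECT' if ($blocked_until{$host} || 0) > $now;
    delete $blocked_until{$host};              # block has expired
    return 'ACCEPT';
}

# RCPT-time check: record a miss for an unknown recipient, block at the limit.
sub check_rcpt {
    my ($host, $rcpt, $now) = @_;
    return 'ACCEPT' if $valid{ lc($rcpt) };
    return 'REJECT' if $permaccept{$host};     # assumption: misses are not counted
    my @recent = grep { $_ > $now - $cfg{window} } @{ $hits{$host} || [] };
    push @recent, $now;                        # keep only misses inside the window
    $hits{$host} = \@recent;
    if (@recent >= $cfg{max_hits}) {           # HITS >= X: deny this server
        $blocked_until{$host} = $now + $cfg{block_for};
        delete $hits{$host};
    }
    return 'REJECT';
}

# Constructed session: a host guessing usernames, then reconnecting.
my $t = 1_000_000;
for my $guess (qw(admin info sales)) {
    printf "RCPT %-20s -> %s\n", "$guess\@example.org",
        check_rcpt('smtp.cheese.com', "$guess\@example.org", $t++);
}
printf "reconnect right away      -> %s\n", check_host('smtp.cheese.com', $t);
printf "reconnect two hours later -> %s\n", check_host('smtp.cheese.com', $t + 7200);
printf "RCPT alice\@example.org    -> %s\n",
    check_rcpt('smtp.cheese.com', 'alice@example.org', $t + 7200);
```

Because the counters are keyed by sending host, every sender behind a shared relay adds to that relay's count unless the relay is listed in permaccept, which is the trade-off the hotmail.com FAQ entries describe.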

FAQ

Why do you check email addresses inside your milter? Doesn't sendmail do that?
Yes.. Sendmail does do that.. Unfortunately I'm too early in the game to check whether or not it exists.. (D'OH)

I have a billion virtusertable files, does your program account for that?
Yes.. Edit validemails.pl and put all your virtusertable files in there

Why did you use port 9999? Can't you use a local socket?
I was having problems with the local socket.. so I said screw it. In addition, I bound the server to localhost.

Do I have to run all these programs as root?
No.. I should not allow root.... but this is version 0.02

What does this have to do with Mail Master?
This program will soon be integrated into Mail Master. Plus if you buy Mail Master, I'll program more neat stuff (and maybe buy a beer).

I think this feature .......... would be great.
That's not a question. Help me code it.. :)

Can a malicious user from hotmail.com send me 10 emails and close my connection to hotmail.com?
Yes. But that's the price you pay... hotmail's SMTP server should retry the valid emails in a few hours.

I don't ever want hotmail.com to be blocked.
Add it to the permaccept table.

Why sendmail?
Sendmail is the most commonly used.. it ships with RH, Mandrake and a few others... If you want to port it.. go for it.

But this won't stop a lot of spam, will it?
No... but it picks up where SpamAssassin leaves off... use both together :)

Why do you hate spam?
Because

If I add an email address to /etc/aliases or /etc/mail/virtusertable, do I need to restart tantalus or databasesocket?
No.. But you need to run /usr/sbin/validemails.pl. If you set up the server correctly, restarting sendmail should regenerate the validemails.conf file correctly.

Change Log

0.01 - Initial Release
0.02 - Bug Fix - Private Data wasn't cleared at the end of the session

Download it:

tantalus-0.02.tar.gz

 


Tantalus is distributed under the GNU General Public License Version 2, June 1991