The UNIX and Linux Forums  

Go Back   The UNIX and Linux Forums > Top Forums > UNIX for Advanced & Expert Users
Email Authentication Gateway Software? (Challenge/Response) Email Authentication Gateway Software? (Challenge/Response)
Google UNIX.COM
Forums Portal Register Forum Rules FAQContribute Members List Arcade Search Today's Posts Mark Forums Read


UNIX for Advanced & Expert Users Advanced UNIX and Linux questions go here. Expert-to-Expert.

More UNIX and Linux Forum Topics You Might Find Helpful
Thread Thread Starter Forum Replies Last Post
sed xml challenge katrvu Shell Programming and Scripting 2 04-10-2008 04:50 PM
AWK Challenge netmedic Shell Programming and Scripting 9 02-18-2008 12:08 AM
Symark Software Named to Software Magazine’s Software 500 for ... - Business Wire (pr iBot UNIX and Linux RSS News 0 10-29-2007 05:40 AM
Password-based challenge-response heroine Security 1 12-29-2006 07:09 PM
X25 Address - A challenge... peter.herlihy UNIX for Advanced & Expert Users 1 12-01-2001 10:53 AM

Reply
 
Submit Tools LinkBack Thread Tools Display Modes
  #1 (permalink)  
Old 12-30-2004
Neo's Avatar
Neo Neo is offline
Administrator
  

Join Date: Sep 2000
Location: Asia Pacific
Posts: 4,295
Stumble this Post!
Email Authentication Gateway Software? (Challenge/Response)
Happy Holiday Season All,

I once found a software package on the web that was pretty cool. The package was used in conjunction with sendmail or procmail (I think) and would compare the senders email address to a database on the server. If the senders address was not in the database, it would send an email to the sender, requesting they go to a web site (click on a link) and enter a code generated by the server.

After the sender entered the code, the senders address was added to the database and they could send email to the server, bypassing the gate, so to speak. (Challenge/Response)

I searched the web for quite some time and can't find it. I want to install something like that on one of my linux servers (perhaps as a procmail recipe) and am lazy to write it (sound fairly straight forward though).

Anyone know of a utility such as this?

Thanks,

Neo
Reply With Quote
Forum Sponsor
  #2 (permalink)  
Old 12-31-2004
Neo's Avatar
Neo Neo is offline
Administrator
  

Join Date: Sep 2000
Location: Asia Pacific
Posts: 4,295
Stumble this Post!
I found this procmail recipe:

http://www.angel.net/~nic/spam-x/

Quote:
How it works

When someone sends you mail from an address from which you've never received mail before, procmail will store their mail away without delivering it to you, and send them a message explaining that their mail hasn't been delivered yet. When they reply to that message as instructed, their original message will be delivered instead, and their address will be added to the list of addresses from which to accept mail in the future.

That's really about it — your friends and correspondents won't be inconvenienced much, and you may never get another piece of spam!
Which also points to:

http://tmda.net/

So I'll hunt around a bit more and install one of the above and test. I might try both.......

Neo

PS: See also: http://ii.best.vwh.net/internet/messaging/spam/

Reply With Quote
  #3 (permalink)  
Old 12-31-2004
Neo's Avatar
Neo Neo is offline
Administrator
  

Join Date: Sep 2000
Location: Asia Pacific
Posts: 4,295
Stumble this Post!
Quote:
Originally posted by Neo
I found this procmail recipe:

http://www.angel.net/~nic/spam-x/


So I'll hunt around a bit more and install one of the above and test. I might try both.......

Neo
The .procmailrc above works OK and was easy to install.


Reference: http://www.angel.net/~nic/spam-x/


Quote:

# Blocking spam with an accept list, version 030131
# Info at http://angel.net/~nic/spam-x.html


# Customize all these constants:

# Your e-mail address
MY_EMAIL=nic@angel.net

# Your name
MY_NAME="Nic Wolff"

# This should be either blank, or a regex that matches any addresses from which
# you get lots of mail that you want to archive but not read:
BOTS=(root@.*angel.net|domainA|domainB|domainC)

# This should be a regex that matches all domains from which you know you
# won't get spammed:
KNOWN_DOMAINS=(angel.net|domain1.com|domain2.com)$

# This should be either blank, or a regex that matches the To: headers of any
# mailing lists you're on:
LISTS=


# Customize this to change the autoreply sent to messages from addresses
# that are not in the accept list
AUTOREPLY="Hi!

Your message has been received, but it hasn't been delivered to me yet. Since I don't have any record of your sending me mail from this address before, I need to verify that you're not a spammer. Please just hit 'Reply' and send this message back to me, and your previous message will be delivered, as will all your future messages.

(If your mail server can run procmail and you'd like to avoid receiving spam, you can find out how at http://angel.net/~nic/spam-x/.)

Thanks, and sorry for the inconvenience -"


# Customize these if they're not right on your system:
FORMAIL=/usr/bin/formail
GREP=/usr/bin/grep
HEAD=/usr/ucb/head
SENDMAIL=/usr/lib/sendmail
LS=/bin/ls
TR=/usr/bin/tr


# Customize these if you want to put addresses and pending messages elsewhere -
# make sure PENDING_DIR exists!
DB=$HOME/.accept-list
DENY_DB=$HOME/.deny-list
PENDING_DIR=$HOME/pending_messages


##############################
# Don't change anything else unless you know why you're doing it!

SHELL=/bin/sh
PATH
COMSAT
VERBOSE=on
LOGFILE=${LOGFILE-".procmail_log"}

:0 c
$HOME/.save_all

# You can mail yourself a request for the list of pending senders
:0
* ^Subject: List senders
{
:0 fbw
| $LS -t $PENDING_DIR

:0:
${DEFAULT}
}

# You can mail yourself to approve an address
:0 fw
* ^Subject: Accept \/.*
* ? echo $MATCH >> $DB
* ? test -e $PENDING_DIR/$MATCH
| ( cat $PENDING_DIR/$MATCH || true )

# You can mail yourself to deny an address
:0 fw
* ^Subject: Deny \/.*
* ? echo $MATCH >> $DENY_DB
/dev/null

# Get sender
:0 hw
FROM=|$FORMAIL -rzxTo:|$TR / _

# If message is from a local bot then archive it
:0
* BOTS ?? (.)
* $ FROM ?? $BOTS
notifications

# If message is an NDN then archive it
:0 h
* MAILER-DAEMON
NDNs

# If message is from a known domain then deliver it
:0
* KNOWN_DOMAINS ?? (.)
* $ FROM ?? $KNOWN_DOMAINS
$DEFAULT

# If message is to a list we're on then deliver it
:0
* LISTS ?? (.)
* $ ^TO_$LISTS
$DEFAULT

# If message is from a known non-spam UCE sender then dump it
:0 h
* ? $GREP -i ^$FROM $DENY_DB
/dev/null

# Else if message has chicken then register sender and deliver stored messages
:0 Efw
* $ ^Subject:.*Verify.*for.*$MY_EMAIL
* ? echo $FROM >> $DB
* ? test -e $PENDING_DIR/$FROM
| ( ( cat $PENDING_DIR/$FROM && rm $PENDING_DIR/$FROM ) || true )

# Else if sender isn't in DB then send request for chicken and store message
:0 E
* $ ! ^X-Loop: $MY_EMAIL
* ! ? $GREP -i ^$FROM $DB
{
:0 c
* ? test ! -e $PENDING_DIR/$FROM
| ( $FORMAIL -rt -I"To: $FROM" -A"X-Loop: $MY_EMAIL" -I"Subject: Verify $FROM for $MY_EMAIL"; echo "$AUTOREPLY"; echo; echo "$MY_NAME" ) | $SENDMAIL -t

:0:
$PENDING_DIR/$FROM
}

# Else deliver normally
Reply With Quote
Google The UNIX and Linux Forums
Reply

« Max No of Open File Descriptors in a process | System Error messages »
Thread Tools
Display Modes
Linear Mode Linear Mode




All times are GMT -7. The time now is 09:18 AM.

The UNIX and Linux Forums RSS Feeds - Contact Us - The UNIX and Linux Forums - Archive - Top

Powered by: vBulletin, Copyright ©2000 - 2006, Jelsoft Enterprises Limited.
The UNIX and Linux Forums Content Copyright ©1993-2008 The CEP Blog All Rights Reserved -Ad Management by RedTyger Visit The Global Fact Book

Content Relevant URLs by vBSEO 3.2.0