Download List

Project Description

Synspam uses Netfilter NFQUEUE to catch the source IP address of any machine connecting to your mail server, running multiple tests against it (RBL check, regexp on the reverse name, etc.) before forwarding the connection to the MTA. In order to have as few false positives as possible, a scoring system is used. If the source IP address is believed to be a spammer IP address, the connection can be dropped. There is a dry run mode if you just want to test it, which is the default.

System Requirements

System requirement is not defined
Information regarding Project Releases and Project Resources. Note that the information here is a quote from Freecode.com page, and the downloads themselves may not be hosted on OSDN.

2010-04-30 07:13
0.4.6

A new configuration parser. A new format: you can use XML-like configuration and attribute negative scores when a DNSBL doesn't match a source IP address. The old configuration style is still supported.
Tags: new features

2010-03-17 17:01
0.4.5

Synspam now uses the Netfilter xt_osf module. If your kernel is Linux 2.6.31 or later, this module can probably be loaded and used. A score is attributed to Windows boxes, and it should not be changed, otherwise you might get false positives with some Exchange servers. The synspam_fw.sh script has been added, which is in charge of loading and unloading iptables rules. Arguments can be passed through the command line. A EUID check was added.
Tags: Major, new feature, bugfix

2010-02-08 18:48
0.4.0

Synspam now checks both A and PTR records to be sure that the source IP address doesn't have a reverse which belongs to another network. This is a technique used by spammers to bypass some spam filters. The INSTALL file was updated with information about the kernel support needed for synspam.
Tags: Major, new feature, improvement

2010-02-01 21:18
0.3.6

The connections filtering code was refactored; further targets may be added in the future. New functions were added to the synspam-report script for average reject score and average accept score, and it no longer makes correlation between spamassassin and synspam. An extra check was added at startup to prevent success messages from being printed when synspam segfaults.
Tags: enhancement, bugfix

2010-01-20 03:29
0.3.5

The user can choose between dropping packets or rejecting them. That means that instead of simply discarding packets, synspam can send a TCP RST to the source IP so that port 25 won't appear filtered, but closed. Be aware that iptables rules have changed. It's possible to start synspam in foreground or daemon mode. The default is daemon mode.
Tags: Major feature enhancements

Project Resources