On Thu, 25 Mar 2004, Charlie Brady wrote: > There appears to be an interesting perl module here: > > http://www.spamcannibal.org/docs/IPTables-IPv4-DBTarpit-Tools.html
And the spamcannibal site itself looks interesting. Welcome to the SpamCannibal SpamCannibal blocks spam at the origination server and can be configured to block DoS attacks. SpamCannibal uses a continually updated database containing the IP addresses of spam or DoS servers and blocks their ability to connect using a TCP/IP tarpit, SpamCannibal's TCP/IP tarpit stops spam by telling the spam server to send very small packets. SpamCannibal then causes the spam server to retry sending over and over - ideally bringing the spam server to a virtual halt for a long time or perhaps indefinitely. SpamCannibal blocks spam at the source by preventing the spam server from delivering the messages from its currently running MTA process. This effectively eliminates the network traffic to your site because the spam never leaves the origination server. This same strategy works equally well when SpamCannibal's tarpit daemon is configured to defend against DoS attacks. [snip] --- Charlie
