NAME

Mail::MtPolicyd::Plugin::Honeypot - mtpolicyd plugin for creating an honeypot

VERSION

version 1.13

DESCRIPTION

The Honeypot plugin creates an honeypot to trap IPs sending to unused recipient addresses.

The plugin requires that you define unused recipient addresses as honeypots. These addresses can be specified by the recipients and recipients_re parameters.

Each time an IP tries to send an mail to one of these honeypots the message will be reject if mode is 'reject' and an scoring is applied. The IP is also added to a temporary IP blacklist till an timeout is reached (parameter expire). All IPs on this blacklist will also be rejected if mode is 'reject' and scoring is applied.

EXAMPLE

<Plugin honeypot>
  module = "Honeypot"
  recipients = "bob@company.com,joe@company.com"
  recipients_re = "^(tic|tric|trac)@(gmail|googlemail)\.de$"
</Plugin>

PARAMETERS

(uc_)enabled (default: on)

Enable/disable this check.

score (default: empty)

Apply an score to this message if it is send to an honeypot address or it has been added to the honeypot before by sending an mail to an honeypot.

mode (default: reject)

The default is to return an reject.

Change to 'passive' if you just want scoring.

recipients (default: '')

A comma seperated list of recipients to use as honeypots.

recipients_re (default: '')

A comma seperated list of regular expression to match against the recipient to use them as honeypots.

reject_message (default: 'trapped by honeypod')

A string to return with the reject action.

expire (default: 7200 (2h))

Time in seconds till the client_ip is removed from the honeypot.

Plugin (default: empty)

Execute this plugins when the condition matched.

AUTHOR

Markus Benning <ich@markusbenning.de>

COPYRIGHT AND LICENSE

This software is Copyright (c) 2014 by Markus Benning <ich@markusbenning.de>.

This is free software, licensed under:

The GNU General Public License, Version 2, June 1991