SpamCannibal blocks spam at the origination server and can be configured to
block DoS attacks.
SpamCannibal uses a continually updated database containing the IP addresses of spam or DoS servers and blocks their ability to connect using a TCP/IP tarpit,
SpamCannibal's TCP/IP tarpit stops spam by telling the spam server to send very small packets. SpamCannibal then causes the spam server to retry sending over and over - ideally bringing the spam server to a virtual halt for a long time or perhaps indefinitely. SpamCannibal blocks spam at the source by preventing the spam server from delivering the messages from its currently running MTA process. This effectively eliminates the network traffic to your site because the spam never leaves the origination server. This same strategy works equally well when SpamCannibal's tarpit daemon is configured to defend against DoS attacks.
Widely deployed, SpamCannibal can help eliminate spam from the internet. If enough threads on a spam server are captured, one of three things happens:
SpamCannibal is a free software toolkit to help stop DoS attacks, UBE (Unsolicited Bulk Email), UCE (Unsolicited Commercial Email), and other spam from reaching your network and your mail servers. SpamCannibal is published under the GNU General Public License and is available for download from CPAN. For specific download instructions and links, click the Download link.
SpamCannibal does not identify spam. SpamCannibal uses a list of identified spam sources (IP addresses) to know what to block. SpamCannibal's network module continuously adds the IP address of incoming connections to its database. From this list, there are three ways to obtain a list of spam sources:
SpamCannibal runs more than fast enough on a Linux 486 PC and uses very little network bandwidth (because it is mostly ignoring connections). The SpamCannibal tarpit daemon is stateless and consumes very few resources on its host and very little bandwidth (1/2 byte per second per thread on average).
Who are Potential SpamCannibal Users?
The ONLY way you can get into SpamCannibal's database is by sending spam or virus ladened email to our mail servers!
SpamCannibal does not block email access except for IP addresses and ranges that have sent or relayed what we believe to be spam or other unsolicited email directly to our email servers. SpamCannibal uses its database to block access by IP addresses ONLY for its own mail servers, however, the database we use for that purpose is freely available for anyone to look at and use as they see fit.
If you have been referred to this site because you appear to be blocked by some third party, speak to the administrators of the third party site you are trying to contact.
SpamCannibal does not scan remote hosts or otherwise test remote sites. The ONLY way you can get into SpamCannibal's database is by sending unsolicited email to our servers!
If you believe your IP address is in SpamCannibal's database, click the Lookup IP link to find out why. To find out who owns a particular IP address, click the Whois IP link.
SpamCannibal does not block email access except to our mail hosts for IP addresses and ranges that have sent or relayed what we believe to be spam or other unsolicited email directly to our mail servers. This INCLUDES warning messages sent in response to detected spam/virus messages with BOGUS/FORGED headers.
The proper disposition of such messages where the content in KNOWN to be a virus or spam is DISPOSE with no notice. Servers that are not properly configured in this manner ARE sending unsolicited email and will be added to the blacklist database.
Spam originating IP addresses are blocked ONLY for access to our mail servers, however, the database we use for that purpose is freely available for anyone to look at and use as th