NAME

SpamCannibal - scripts

sc_BLcheck.pl

This script checks each IP address found in the archive database against the list of DNSBL black list servers in its configuration file. IP addresses that have a matching DNSBL response are added to the tarpit database and a corresponding record is made in the blcontrib database to indicate the reason for addition and the black list server responsible. The entry may come in part from the TXT record returned by the DNSBL and/or from the default values in the config file.

Syntax: ./sc_BLcheck.pl path/to/config.file
  or
      ./sc_BLcheck.pl -d path/to/config.file
      ./sc_BLcheck.pl -v path/to/config.file

The -d switch allows you to see what the 
script will do without any db updates 
taking place. The -v switch will print
the scripts actions to the screen. 
-v -v does it more verbosely.
The -d switch implies a single -v.

sc_BLpreen.pl

This script checks each IP address found in the blcontrib file for continued blacklisting by the original DNSBL server. If the DNSBL no longer blacklists an address or if the DNSBL is unreachable for a predetermined, configurable timeout set in the config file for each DNSBL, then the IP address is removed from SpamCannibal's database.

Syntax: ./sc_BLpreen.pl path/to/config.file
  or
      ./sc_BLpreen.pl -d path/to/config.file
      ./sc_BLpreen.pl -v path/to/config.file

The -d switch allows you to see what the 
script will do without any db updates 
taking place. The -v switch will print
the scripts actions to the screen. 
-v -v does it more verbosely.
The -d switch implies a single -v.

sc_admin.pl

This script provides low level access to the SpamCannibal databases for fixing things or modifying things that can't be done using the admin interfaces. Belt and suspenders!

Syntax: sc_admin.pl db_name (action) [dot.quad.ip.addr] [stuff]
      (or) [stuff]
           [.]

sc_admin.pl  db_name  get     dot.quad.ip.addr
sc_admin.pl  db_name insert   dot.quad.ip.addr stuff...
sc_admin.pl  db_name delete   dot.quad.ip.addr
sc_admin.pl  db_name zap      key (unconstrained delete)
sc_admin.pl  db_name view
sc_admin.pl  db_name clear
  and
              where db_name is one of
      tarpit, archive, blcontrib, or evidence

for "tarpit" and "archive" there are no arguments 
      for "insert" except dot.quad.ip.addr,

for "blcontrib" the arguments are (in order):
      addr => resp, err, remrsp, time, zone

      dot.quad.ip.addr
      127.0.0.3       # response code from our DNSBL
      "error string... from remote DNSBL or our default"
      127.0.0.x       # remote response accepted from remote DNSBL
      1059422395      # time record expires (since epoch) or "0"
      remote.dnsbl.zone

for "evidence" the arguments are
      dot.quad.ip.addr followed by STDIN of
      mail headers +
      message terminated on the last line by a
      .

sc_initdb.pl

This script initializes the SpamCannibal environment and database files; and sets the permissions on the directories and files.

There's no usage syntax, it is run once after installation. And needs to be run again after a database recovery. Running it repeatedly won't hurt anything.

sc_mailfilter.pl

This script parses a received message that contains a set of spam headers and message body.

  i.e.

	-----------------
	|  real headers	|
	-----------------
	   blank line
	-----------------
	|  spam headers	|
	-----------------
	   blank line
	-----------------
	|  spam body	|
	-----------------

The spam headers, blank line, body can optionally (recommend) be encrypted with PGP armor to prevent unauthorized access to the spam client input.

Syntax: ./sc_mailfilter.pl path/to/config.file
  or
      ./sc_mailfilter.pl -d path/to config.file
      ./sc_mailfilter.pl -v path/to/config.file

The -v switch sends debug error messages to 
the REPORT target email address (if present)

The -d switch returns the information that would
be added to the tarpit and evidence databases.
Nothing is added to the database files.

sc_cleanup.pl

This script cleans spurious records from the database.

For example: A spam message arrives and the sc_BLcheck.pl script is fired off by cron. sc_BLcheck.pl finds the address on a remote DNSBL and adds a record to the tarpit. A few minutes later you read your mail, find the spam and send it off to sc_mailfilter. These two action result in a record in the tarpit as well as both the contrib and evidence databases. Only one tracking record is necessary in contrib or evidence so there is an extra record. Similarly if you "play" around with the sc_admin.pl tools and leave extra records here and there, sc_cleanup.pl will remove them.

Syntax: ./sc_cleanup.pl -q
  or
      ./sc_cleanup.pl -d
      ./sc_cleanup.pl -v

The -q switch is for normal, quiet operation.
The -d switch allows you to see what the 
script will do without any db updates 
taking place. The -v switch will print
the scripts actions to the screen. 
The -d switch implies a -v.

sc_remote.pl

This script is the alias for a suid wrapper (user spam) and provides secure access to a remote host spamcannibal databases for the web admin interface via ssh or other suitable transport for administrative activities. The command line interface is the same as sc_session.pl.

sc_session.pl

This script is the alias for a suid wrapper (user spam) and provides secure access to the local host spamcannibal databases for the web admin interface.

 Syntax: sc_session.pl command [arg1] [arg2] ...

 sc_session.pl admin   on | off (command line only)
 sc_session.pl newsess user password 
 sc_session.pl updpass session_id expire user newpass oldpass
 sc_session.pl chksess session_id expire (relative)
 sc_session.pl rmvsess session_id
 sc_session.pl insBL   session_id expire dot.quad.ip.addr stuff...
 sc_session.pl insEVD  session_id expire dot.quad.ip.addr stuff...
 sc_session.pl delete  session_id expire dot.quad.ip.addr

 admin         returns "OK status"
       allow admin addition/deletion of users
 newsess       returns "OK session_id"
 updpass       returns OK or (error text)
       blank passwords deletes user (not self)
 chksess       returns OK or (error text)
 rmvsess       returns OK or (error text)
 insBL         returns OK or (error text)
               insert blacklist contrib
               the arguments are (in order):
       addr => resp, err, remrsp, time, zone

       dot.quad.ip.addr =>
       127.0.0.3       # response code from our DNSBL
       "error string... from remote DNSBL or our default"
       127.0.0.x       # remote response accepted from remote DNSBL
       1059422395      # time record expires (since epoch) or "0"
       remote.dnsbl.zone

 insEVD        returns OK or (error text)
               insert evidence, the arguments are:
       dot.quad.ip.addr followed by STDIN of
       mail headers +
       message terminated on the last line by a single
       .

 delete        returns OK or (error text)
               deletes dot.quad.ip.addr in all databases

To install Mail::SpamCannibal, copy and paste the appropriate command in to your terminal.

cpanm

cpanm Mail::SpamCannibal

CPAN shell

perl -MCPAN -e shell
install Mail::SpamCannibal

For more information on module installation, please visit the detailed CPAN module installation guide.

	Global
`s`	Focus search bar
`?`	Bring up this help dialog

	GitHub
`g` `p`	Go to pull requests
`g` `i`	go to github issues (only if github is preferred repository)

	POD
`g` `a`	Go to author
`g` `c`	Go to changes
`g` `i`	Go to issues
`g` `d`	Go to dist
`g` `r`	Go to repository/SCM
`g` `s`	Go to source
`g` `b`	Go to file browse

	Search terms
module: (e.g. module:Plugin)
distribution: (e.g. distribution:Dancer auth)
author: (e.g. author:SONGMU Redis)
version: (e.g. version:1.00)