email filter and IP submission
client: ms-windows and linux
the client should be a small task program which scans all incomming mail and builds a hash for every mail. additional it should read the mailheader and detect the delivering ip address (when mail is taken from mailserver pop3/imap it should read which ip has delivered to mailserver). additional if there is any url link inside the mail it should store the domain (but without additional information like ?site=... - only domain like [url removed, login to view]).
these information should be sent to my server.
this client should work for windows and linux (if possible).
the client software can request the hash-table from my server. if an email matches the hash-table or stored url the mail is marked as spam and either sorted inside a special folder, marked inside subject line as spam or sent to trash (user selectable).
the client software should have a whitelist which can have url, mailaddress or ip (range) which is always bypassed.
little installer is helpful for users (incl. uninstall function).
external language file for translating into different languages.
client should be small and easy as possible for working fast and stable.
secure againt spoofing:
the mailheader must be read always correct.
for preventing from getting spoofed the software checks the users pc's ip, the submitter ip and if the scaned mails where really received with this ip.
this check must be done permantly because a lot of users use dynamic ip's.
server external language file for supporting different languages.
it should collect hash tables, domains and ip-addresses from client software and store. it should built different tables: 1. table for hashes, 2. for [url removed, login to view] and 3. for ip addresses.
the ip addresses should be stored as zone file for bind (text) that it can be requested via rbl from mailservers, too.
way of storrage:
hash, [url removed, login to view] and ip-address should be only stored when a selectable number of different client has reported the same hash, domain or ip-address. maybe 10 clients report the ip address then it is stored and can be sent out clients.
for getting clients workable user need to signup on webpage and request an individual registration number. the client is always bind to these registration number. so it's possible inside an admin area to block or delete selected clients. for blocking automatic client signup a captcha should be protect the signup and the confirmation process (email confirmation of signup). it must be a hard captcha as shown on [url removed, login to view] (you can use this captcha service).
when user logs into member area (captcha) he can see:
number of total received mails with his client
number of spam marked mails inside his client
number of scaned mails total by all clients
number of spam marked mails total by all clients
request a list of blacklisted domains
request a list of blacklisted domains
request a list of hashes
check if ip is listed
check if domain ist listed
request delete of ip address
request delete of domain
download client software (win/linux)
the ip and domain blacklist should be valid for a selectable period of time (maybe 4 days). the hash can be deleted on request by admin.
when a domain or ip is blacklisted there should be sent a out an information message to the abuse contact for domain/ip-range (whois or ripe database request).
the bind zonefile should be include an information for spamer like IP is blocked by using xxx RBL - [url removed, login to view]
there must exists 3 RBL zones:
permanent blocked ip's
temporarilly blocked ip's
mix of both
RBL zones files allow easy integration inside postfix / sendmail for users.
an additional feature should be added to clients:
ping spamer ip
ping spamer domain
user can select these item and sent out pings to domain or ip address (number of simoultanous pings is selectable to prevent blocking of own bandwith :)) - so when all user select ping spamer his server gets ddos blocked by pings :)
admin must be possible to send out newsletters to all users
admin can select a users client as trusted spam. submissions into trusted spamtraps are directly and without waiting stored inside blacklist database.
(for building mailbox traps for spamers).
clientsoftware must check for update periodically automatically
admin can add/delete/modify [url removed, login to view] / hash / ip(range, whole netblocks)
admin can activate / deactivate / delete / modify user entry and/or client
admin can sent out an confirmation mail. all clients must click link inside mail which goes to a captcha page. only clients who did this within a selectable time period gets still active. all others need to be reenabled inside members area.
add an ip to pingable list, add a domain to pingable list. remove ip/domain from list.
add ip(range) / domain to permanent blocked list.
client should show it's own status:
- last mail scaned
- last spam report sent
- last spam blacklist received
- client is active / needs reenable
- update avaiable yes / no
- go to homepage
it's possible to request forgotten password
it's possible to request forgotten username
it's possible to request resending of confirmation mail