Defensive Anti-Spam Proxy
For SMTP Servers
By Steve Redler IV April 2,2003
Overview: DASProxy is a SMTP server proxy that eliminates the reception of unsolicited junk email by sending temporarily valid encrypted email addresses in the SMTP denied error response. This allows the sender to retrieve the temporary address from the "Message Undeliverable" reply of their SMTP server. The temporary address is voided after a preset number of hours.
Details: DASProxy is a SMTP server proxy that eliminates the reception of unsolicited junk email by implementing the following functionality:
The sender address of all incoming mail is checked against the recipients white list and allowed to be delivered if listed, denied if not listed.
If the sender is denied, it is done before the content of the message is transmitted. DASProxy sends a DENIED response to the senders SMTP server.
The DENIED response includes a message stating "If you would like to send an email to firstname.lastname@example.org, resend your message to #email@example.com and it will be promptly delivered".
The "#03628532" is an encrypted version of the recipients name, which is decrypted, verified, and passed on to the SMTP server as "firstname.lastname@example.org".
The sender is now added to the recipients white list automatically, or manually if so configured.
The cryptographic algorithm uses time and date plus a private key to create a unique valid email address that will expire in 24hours by default.
White lists and blacklists can be updated by sending commands to DASProxy through simple email messages.
DASProxy also does POP before SMTP authentication for remote email clients belonging to local domains.
A report is sent to each recipient once a day detailing blocked email activity, including time & date stamp, senders email address and a reverse lookup on the senders SMTP server ip address.
DASProxy generates no extra challenge/response emails to blocked senders, working only within the specification of the SMTP protocol.
Update May 7, 2003: DASProxy is currently functioning code in use on an email server being tested on a test set of accounts including one of my own. I will be uploading the first alpha release in a few days onto SourceForge at DASProxy.
DASProxy is coded completely in tcl and needs more refinement and configuration utilities. My original intention was to use this is house only, but, with the recent flurry of companies racing to patent anti-spam techniques in order cash in at everyone else's expense, I feel its time to release my proxy as an Open Source project to protect everyone not only from spam, but the companies trying to stifle programmers with patent litigation.