From: Eran Tromer (eran_at_nonexisting.hamakor.org.il)
Date: Sun 29 Aug 2004 - 00:20:10 IDT
Hi,
Following up on my recent footnote, and in light of the rapidly
increasing amounts of Israeli spam, I hereby suggest a FOSS project
which I don't have time to write, but would love to use. :-)
The idea is as follows. Write a Mozilla extension (or the equivalent for
your favorite MUA) that adds a "Cluebat Sender" button (or menu item,
etc.), which helps in the application of a cluebat to the sender of the
current message.
While a full implementation may prove somewhat difficult, a first
approximation would be to help in *finding* the real sender. Thus,
clicking the button would automagically perform all the usual spam
analysis tasks and display their results:
- Find all domain names and IP addresses mentioned in the message body
and the interesting headers (e.g., first Received headers).
- Perform WHOIS, reverse-DNS and IP allocation [1] lookups on all of the
above.
- Cross-reference key aspects, such as sender and subject, against prior
received spam, spam databases, Google, etc.
- Display a nice HTML report of the above, highlighting e-mails and
phone numbers.
Of course, mailer integration is a separate issue from the analysis per
se, so it would make sense to first write a MUA-independent program that
takes a message from stdin and spits the HTML report to stdout.
Any takers?
Eran
[1] As in http://www.ripe.net/perl/whois?searchtext=-L+192.117.122.104
=================================================================
To unsubscribe, send mail to linux-il-request_at_linux.org.il with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail linux-il-request_at_linux.org.il
This archive was generated by hypermail 2.1.7 : Sun 29 Aug 2004 - 00:35:11 IDT