Blackhole Minefield

Some of the spam flood can be prevented with a trap email address. Any email sent to an email address like that is obviously spam. To enable the minefield follow these steps:

Edit clapf.conf and set the blackhole_email_list variable:

blackhole_email_list=trapaddress1@domain,trapaddress2@domain

That’s all. clapf will learn every email sent to the trap addresses as spam unless it already recognises it correctly.

Other tips

You can do even more with the blackhole database. Clapf puts the IP-address of the sender host (the host passing the email to us) to the minefield table.

You may create a blackhole zone assembled by the content of the minefield table. Then configure your SMTP server to check every incoming connection aginst this zone and reject mail in case of a proven spam sender.

Run a regular cron job to purge aged entries from the minefield table, eg.

delete from minefield where ts < ?

Generally, larger sites may use shorter TTL, smaller sites may keep the compromised IP-addresses for a longer time.

This gives you a flexible, intelligent and fully automatic blacklist.