SMTarPit is a chrooted SMTP honeypot/tarpit. It attempts to determine whether it is a person or a machine on the other (cracker) end, and adjusts itself accordingly so that it wastes as much of their time as possible.
| Tags | Communications Email Networking Monitoring |
|---|---|
| Licenses | GPL |
| Operating Systems | OS Independent |
| Implementation | Perl |


No changes have been submitted for this release.


Release Notes: A new CLI monitor was added so that you can keep an eye on the tarpits over any console, including telnet and ssh or even a teleprinter. The GUI monitor interface was improved, adding host cross-checking and abuse mail/address checking on whois. A minor change was made to tarpit (special IPs were added).


Release Notes: This release allows you to be 'naughty' with an attacker's mailto: address, allows you to specify (partial) domains for special treatment, and includes SMTarPit Monitor (uses Perl Tk) to monitor the status of all of the tarpit processes in real time (which is a bit like a slow-race). SMTarPit Monitor allows you to interrogate a tarpit PID for details including rhost IP, and perform a 'host' look-up and a 'whois' with the abuse address highlighted.


Release Notes: This release self-limits instances, responds correctly when SIGINT or SIGPIPE is received, has configurable user time-out, configurable program time-out (you can keep it going for a month if you want), does rough checking of the sender address format, doesn't allow '<>' as a sender address, can be made to dump a buffered log at regular (configured) intervals, and Date format in the log files now includes the year.


Release Notes: rcpt to: has been changed so that it will accept (ignore) additional information after the address without rejecting the address.