Catch spam by using spam traps. If you have any dedicated traps sprinkled around or maybe some old e-mail addresses that are only used by spammers nowadays, you can use them to protect your other mailboxes.
Go >= 1.22 is required.
git clone https://netsend.nl/opensmtpd-filter-spamtrap.git
cd opensmtpd-filter-spamtrap
go build -o filter-spamtrap
install -m555 -gbin filter-spamtrap /usr/local/libexec/smtpd/
mkdir -m750 /var/spamtrap
useradd -d /var/spamtrap -s /sbin/nologin spamtrap
chown -R spamtrap:wheel /var/spamtrap
touch /etc/mail/spamtraps
chmod 640 /etc/mail/spamtraps
chown root:spamtrap /etc/mail/spamtraps
smtpd.conf:
filter "spamtrap" proc-exec "filter-spamtrap" user spamtrap group spamtrap
listen on egress filter { spamtrap }
Spamtrap addresses should be added to /etc/mail/spamtraps, one per line. Example using two traps:
echo sp@mtrap.nl > /etc/mail/spamtraps
echo spamtrap2@example.com >> /etc/mail/spamtraps
Once everyting is set, restart smtpd.
X-Spam header, this is the default. Or spam is redirected to a specific address using the
-redirect option.
usage: filter-spamtrap [-trapfile file] [-expire duration] [-redirect addr]
[-spammers dir]
filter-spamtrap -stats [-expire duration] [-spammers dir]
-expire duration
after how long a spammer should be unlisted (default 192h)
-redirect string
rewrite recipient of trapped mail instead of adding an "X-Spam" header
-spammers string
directory to save catched spammers in (default "/var/spamtrap")
-stats
print statistics about spammers and exit
-trapfile string
file containing one trap address per line (default "/etc/mail/spamtraps")
Browse the source code online or clone the repository:
$ git clone https://netsend.nl/opensmtpd-filter-spamtrap.git