spamGuard 1.6 README
	---------------------------------------------

Nearly all of today's mail system administrators face spam as their
first threat. Because of this, EnderUNIX team has written this small
application to automagically monitor malicious spammer activity in
your mail server logs.

spamGuard is written purely in C, to stop spammers hanging around.
The program supports nearly all mostly used MTAs; qmail (both
multilog and splogger), sendmail and Postfix.

Rationale: 
----------

1. spamGuard is fired via crontab within fixed intervals. 
2. spamGuard scans the accumulated maillog and finds the amount of
mails users sent.
3. spamGuard loads its ignore list from its
   ignore file and badmailfiles files(badmailfrom in
   qmail and access for sendmail).
4. users whose mail count exceeds the configured threshold value(there
are three different values:
   warning, block and paranoid) are treated as spammers. They are
   added to mailers' badmail file (spammer blacklist files).
5. Notification mails are sent to sysadmins about spammer activity,
if present. 
6. (For sendmail version, a hash database of access
file is created).

spamGuard can process a 85 MB log file in less then 10 seconds.

Tested on: FreeBSD 4-STABLE Solaris 2.7-Sparc
Solaris 8-Sparc Slackware Linux 8.0 RedHat 7.2 Digital UNIX

If your OS is DigitalUnix, please read README.DigitalUnix.

For questions, there is a mailing list available: To subscribe send
mail to: spamguard-subscribe@yahoogroups.com


EnderUNIX SDT @ Istanbul/Turkey roots@enderunix.org -
http://www.enderunix.org

Mon Oct  7 10:03:21 EEST 2002