Project

About

SpamHost Report is the public website for sc, a free open-source tool for spam abuse reporting.

SpamHost Report is the public face of sc, a small tool for people who already know a message is spam and want to report the infrastructure behind it. The idea being that some hosts expressly forbid spamming in their terms of service, and this tool makes it easy to find them and report clear, irrefutable evidence of TOS violations.

The goal is not to classify mail or run a hosted complaint service. The goal is to help admins prepare useful, evidence-backed reports for the hosting providers and network operators who may not know their customers are sending spam or hosting spam links.

What it is

  • A self-hosted HTTP API and command-line workflow.
  • A parser for Received headers and links in text and HTML bodies.
  • A resolver for network abuse contacts using RDAP and ARIN HTTP APIs.
  • A report composer that can include XARF evidence.
  • An optional SMTP sender that only sends when configured and explicitly requested.

What it is not

  • A spam classifier.
  • It is not a managed spam-reporting service.
  • It is not a public spam upload endpoint.
  • It does not promise takedowns or provider action.
  • It does not parse links from attachments.

How it works

sc takes an email message as input. It parses each section of the email, optionally including Received: headers, but also links within the message: outbound links to spammer-controlled servers, as well as links to content like images. It knows how to decode esoteric formats that spammers often use to try to disguise their content.

For each of these, sc resolves them to an IP address and proceeds to search for contact information for the networks that host them.

At this point sc can either return that information to the caller, or optionally it can produce and send emails to those network’s contacts. These emails include a copy of the spam email in question, details about how their network is involved so the network providers don’t need to try to parse the message themselves, and optionally an XARF report (a standard report format used to report abuse).

Looking up network providers can be quite time-consuming, so sc allows you to configure a cache to reduce spent time researching the same networks again and again. This is helpful since many times the same networks are involved in the same message, and if you get multiple messages from the same spammer it can dramatically reduce processing time.

License and source

sc is licensed under the Apache License, Version 2.0.

Source: https://git.koehn.com/brad/sc