Skip to main content

Captcha Smtp module

The CaptchaSmtp module is used to identify false positives on the BitNinja challenge list and allow human users to remove themselves from the challenge list easily.

In other words, if an IP is placed onto the BitNinja challenge list and the IP tries to access your server through SMTP protocol, the request will be forwarded to an alternative fake mail server (created by BitNinja). We log the commands sent by the remote server and create and incident out of them. At the same time we reply to the server with a message

    550 5.7.1 Your IP (`{{client_ip}}`) is on the BitNinja server security challenge list.
If you are not a spammer bot, you can delist this IP on (`http://{{server_ip}}/spam_delist`).

You can only delist this IP a few times! It is good idea to warn your service provider about this incident.

If it was a false positive, the users can delist their IPs (or really the server's IP) but in case of automatic spam activities, we log the incidents.

The provided link will be valid for 10 days or until BitNinja restarts.

The CaptchaSmtp CAPTCHA page will create newMistake level incidents which allow the visitor 10 tries to solve the CAPTCHA. This threshold can be configured in the AntiFlood module's config file.

Relations to other modules

CaptchaSmtp sends events through the Shogun module in order to send it to BitNinja Central, and to the AntiFlood module to detect flood attempts and block them.

Customizing the CAPTCHA page

You can customize the look and feel of the CAPTCHA page on your server. Currently it works on a per-server basis and we support multilingual CAPTCHA pages.

Customizing port number of CaptchaSmtp

warning

Don't forget to sync your local configuration to the cloud with bitninjacli --syncconfigs after you have changed any settings in the configuration file.

You can customize the default port number in the config file (/etc/bitninja/CaptchaSmtp/config.ini) by defining a new section called [userPorts] and underneath adding the line defaultPort. You can define additional ports too. For example:

    [userPorts]
defaultPort = 25
additional[] = 26

Enable StartTLS

CaptchaSmtp now supports StartTLS with the help of Robert Campbell, one of our most helpful customers. StartTLS is not enabled by default, if you want to enable it you must add the following lines to the end of CaptchaSmtp config (/etc/bitninja/CaptchaSmtp/config.ini).

    [ssl]
certPath="path to cert"
;should we use encryption by default?
defaultTls=false

The CaptchaSmtp module needs a public IP address for generating the delist link. You can customize this IP, or set a domain for this purpose by updating the config file at /etc/bitninja/CaptchaSmtp/config.ini.

    ;
; What address is used by CaptchaSmtp delist link.
; By default CaptchaSmtp will use the server\'s first public IP.
; You can add domain as well with out protocol. Like: example.com
;
[delisturl]
mail_captcha_ip=1.2.3.3
;mail_captcha_ip=example.com