dnsreflector
The dnsreflector daemon listens for DNS queries on a local UDP port and answers with records pointing back to localhost. Combined with OpenBSD's packet filter pf(4) this works as a bandwidth efficient spamtrap.
PF Setup
table <spamd> persist pass in proto udp from <spamd> to any port 53 rdr-to 127.0.0.1 port 53000
Usage
dnsreflector [-d] [-a address] [-p port] -d Run as daemon in the background -a address Bind to this address (default: 127.0.0.1) -p port Bind to this port (default: 53000) -i address Answer with this IP instead of 127.0.0.1
This program is tested on OpenBSD and FreeBSD. If you are interested in running dnsreflector on another platform, please contact me . On popular demand I made a diff to compile dnsreflector with Linux (tested on SuSE). You will need a facility to redirect DNS queries coming from blacklisted hosts to dnsreflector.
dnsreflector-1.03.tar.gz