{"id":13766826,"url":"https://github.com/scrapbird/sarlacc","last_synced_at":"2026-01-31T14:33:36.464Z","repository":{"id":74027725,"uuid":"120993784","full_name":"scrapbird/sarlacc","owner":"scrapbird","description":"SMTP server / sinkhole for collecting spam","archived":false,"fork":false,"pushed_at":"2018-07-30T02:37:00.000Z","size":579,"stargazers_count":44,"open_issues_count":2,"forks_count":10,"subscribers_count":7,"default_branch":"master","last_synced_at":"2024-11-17T02:34:17.445Z","etag":null,"topics":["malware","sinkhole","smtp-server","spam"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/scrapbird.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2018-02-10T07:13:43.000Z","updated_at":"2024-08-03T09:15:30.000Z","dependencies_parsed_at":null,"dependency_job_id":"7a68da7b-d9b4-48a7-a2e4-cf4c2af94868","html_url":"https://github.com/scrapbird/sarlacc","commit_stats":null,"previous_names":[],"tags_count":2,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/scrapbird%2Fsarlacc","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/scrapbird%2Fsarlacc/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/scrapbird%2Fsarlacc/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/scrapbird%2Fsarlacc/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/scrapbird","download_url":"https://codeload.github.com/scrapbird/sarlacc/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":253492529,"owners_count":21916959,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["malware","sinkhole","smtp-server","spam"],"created_at":"2024-08-03T16:01:01.442Z","updated_at":"2026-01-31T14:33:36.458Z","avatar_url":"https://github.com/scrapbird.png","language":"Python","funding_links":[],"categories":["Security","Hardening"],"sub_categories":["Hardening","Ghidra"],"readme":"# Sarlacc\n\nThis is an SMTP server that I use in my malware lab to collect spam from infected hosts.\n\nIt will collect all mail items sent to it in a postgres database, storing all attachments in mongodb.\n\nThis is work in progress code and there will probably be bugs but it does everything I need.\n\nWarning: There will most likely be breaking changes as I flesh out the plugin API. Once it has stabilized I will give this a version number and try not to break anything else.\n\n\n## Getting Started\n\n### docker-compose\n\nTo get started with docker-compose, simply run `docker-compose up`.\n\nThe server will then be listening for SMTP connections on port `2500`.\n\n#### Data\nTo ensure proper data persistence, data for both postgres and mongodb is stored in docker volumes.\n\n\n### Production\n\nIf installing in a production environment which requires a proper setup, an install of mongodb and postgresql will be required.\nTo configure sarlacc, copy the default config file to `smtpd/src/smtpd.cfg` and override the settings you wish to change:\n```\ncp smtpd/src/smtpd.cfg.default smtpd/src/smtpd.cfg\n$EDITOR smtpd/src/smtpd.cfg\n```\nThen edit the file with your required configuration.\n\nYou can use the `postgres/postgres_init.sql` script to initialize the database for use with sarlacc.\n```\npsql -h localhost -U postgres \u003c postgres/postgres_init.sql\n```\n\nIf you want to use different credentials (you should) then modify the `postgres/postgres_init.sql` and the config file for the smtp server appropriately.\n\ncd into the `smtpd/src` directory:\n```\ncd smtpd/src\n```\n\nInstall the dependencies:\n```\npip install -r requirements.txt\n```\n\nStart the server:\n```\n./app.py\n```\n\nThe server will then be listening for SMTP connections on port `2500`.\n\n\n### Requirements\n\npython3.5\n\n\n\n## Web Client\n\nThe web client has not been built yet, to view the data you will need to manually interact with the databases.\n\n\n\n## Plugins\n\nYou can extend sarlacc via plugins. Simply drop a python file (or a directory with an `__init__.py` file) into `smtpd/src/plugins`. There are example's of both types of plugins at `smtpd/src/plugins/example.py` and `smtpd/src/plugins/directory_example`.\n\nTo get a full idea of what events are available for the plugins to be notified by, check out the `smtpd/src/plugins/plugin.py` file.\n\nPlugins are also exposed to the internal storage API, from which you can pull email items, recipients, attachments, tag attachments etc etc. Take a look at the `smtpd/src/storage.py` file for more info on how to use this.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fscrapbird%2Fsarlacc","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fscrapbird%2Fsarlacc","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fscrapbird%2Fsarlacc/lists"}