OT Sendmail configuration question

Alex Neuman van der Hans alex at nkpanama.com
Wed Feb 16 12:17:15 GMT 2005


So where could I get RPM's built for Fedora 1 or 2 to install Sendmail 8.13?
Any good apt/yum repositories that have already added it?

-----Original Message-----
From: MailScanner mailing list [mailto:MAILSCANNER at JISCMAIL.AC.UK] On Behalf
Of John Rudd
Sent: Tuesday, February 15, 2005 4:50 PM
To: MAILSCANNER at JISCMAIL.AC.UK
Subject: Re: OT Sendmail configuration question

At work:
    I use a delay of 15 seconds.  We also use SBL and XBL for DNSBLs.
    Last week, we blocked 76,915 messages via the delay.

    (combined SBL and XBL blocking was 745,964 messages for that
    week)

    When we disable the delay, our count of XBL messages tends to go
    up, but they don't appear to be a 1:1 mapping (so if we aren't
    doing both, then some messages slip through).

    We still get thousands of spam (38,782 at a score of 8 or higher,
    for that week) and viruses (9,197 for that week) leaking through,
    but those numbers are 10% (for spam) and 30% (for viruses) of what
    we used to get before instituting SBL/XBL and the 220 Delay.

At home:
    same set up, but 30 second delay.  I tend to block about 15-30
    messages per day via the delay.  I rarely get XBL blocks, but
    sometimes I do.  If I remove the delay, then the XBL blocks
    go up.  So do my virus counts.

    For the SBL, I tend to block about 5-20 per day.  The combination
    just about eliminates all spam and viruses from my email.  SURBL
    catches the rest, via spam assassin (0-3 per day, 0 being much
    more common than 1-3).


In both cases, I tried identifying who verizon's servers are (I used their
MX server list, because those are the hosts that are likely to do the
call-back), and gave them specific values of 15 seconds ... so I can be sure
that they don't have problems with their call backs (for work, that means I
can raise the delay without impacting verizon's servers).



On Feb 15, 2005, at 10:33 AM, JD wrote:

> Does creating a delay in the 220 greeting really make any difference
> in your experience? Im wondering if I shouldupgrade to 8.13 to try it
> out.
>
> -JD
>
> -----Original Message-----
> From: MailScanner mailing list [mailto:MAILSCANNER at JISCMAIL.AC.UK]On
> Behalf Of John Rudd
> Sent: Friday, February 11, 2005 9:02 PM
> To: MAILSCANNER at JISCMAIL.AC.UK
> Subject: Re: OT Sendmail configuration question
>
>
> No, milters don't happen until later in the conversation (as far as I
> know), so I don't think milters can do it.  It required new code, so
> I'm pretty sure you really need to use 8.13 and not 8.12.  But, 8.13.1
> is pretty rock solid.  I can't think of a reason NOT to upgrade to it
> from 8.12.
>
> On Feb 11, 2005, at 5:49 PM, Alex Neuman van der Hans wrote:
>
>> There is *no* way to do this on sendmail 8.12, is there? Maybe
>> through a milter? Just asking, not intended as flamebait (you know,
>> people screaming RTFM and the like)...
>>
>> -----Original Message-----
>> From: MailScanner mailing list [mailto:MAILSCANNER at JISCMAIL.AC.UK] On
>> Behalf Of John Rudd
>> Sent: Friday, February 11, 2005 6:33 PM
>> To: MAILSCANNER at JISCMAIL.AC.UK
>> Subject: Re: OT Sendmail configuration question
>>
>> I think he's actually talking about the server delaying the
>> pre-HELO/EHLO greeting (the server's 220 greeting).  It's new to
>> sendmail 8.13.x, and it's called "greet_pause".
>>
>> What you want to do, is anywhere after your "access_db" declaration
>> in the mc file, put:
>>
>> FEATURE(`greet_pause', `30000')dnl
>>
>> The 30000 is in milliseconds, so that's a 30 second delay.  Note that
>> there are some side effects if you go higher than 28 seconds (verizon
>> does "call backs" when accepting email from you, and if they don't
>> get a valid response in 28 seconds, they give up and reject your
>> message).
>>
>> Also, you can put entries in your access_db that look like this:
>>
>> # 220 GreetPause (miliseconds)
>> #
>> GreetPause:127.0.0      0
>> GreetPause:128.114.125  0
>> GreetPause:128.114      3000
>> GreetPause:169.233      15000
>> GreetPause:             30000
>>
>> These set aside other delays based upon the connecting host.  0 means
>> "disable the delay".
>>
>>
>> On Feb 11, 2005, at 14:54, Alex Neuman van der Hans wrote:
>>
>>> I don't think that's what he means. It's an option in newer sendmail
>>> versions (8.13 I think) that lets you insert a delay between the
>>> HELO from the client and the OK from the server.
>>>
>>> -----Original Message-----
>>> From: MailScanner mailing list [mailto:MAILSCANNER at JISCMAIL.AC.UK]
>>> On Behalf Of Mark Campbell
>>> Sent: Friday, February 11, 2005 5:47 PM
>>> To: MAILSCANNER at JISCMAIL.AC.UK
>>> Subject: Re: OT Sendmail configuration question
>>>
>>> Is this what you're looking for?
>>>
>>> During an SMTP conversation, a client introduces itself to a server
>>> using the HELO or EHLO command. The standard does not specify what
>>> should be said here, and many Windows clients in fact use a "bogus"
>>> name: for instance, the domain name of the destination server.
>>> Nevertheless, it may sometimes be useful to check the argument to
>>> HELO/EHLO, as many SPAM programs use bogus arguments in a consistent
>>> manner.
>>>
>>> In a very helpful e-mail, a sendmail maintainer explained to me how
>>> this could be done. The trick is to use delayed macro expansion with
>>> the $s macro. As the sendmail manual explains, $s is a transient
>>> macro: at startup, when sendmail reads its configuration file, it
>>> contains the name of the host on which sendmail runs, but during an
>>> SMTP conversation, it expands into the hostname supplied by the
>>> remote client as the argument to HELO/EHLO. By writing $&s, it is
>>> possible to delay the expansion of this macro, so it is expanded
>>> only when it is needed; e.g., during Local_check_rcpt.
>>>
>>> Consequently, my sendmail.mc file contains a local rule set similar
>>> to the following (note that Local_check_rcpt, if exists, is
>>> automatically called by sendmail at the appropriate stage of
>>> processing the
>>> envelope):
>>>
>>> SLocal_check_rcpt
>>> R$*                     $: $&s
>>> Rbogus.domain           $#error $: 550 Spam Forbidden\ ($&s)
>>> R$*                     $@ OK
>>>
>>>
>>> REF: http://www.vttoth.com/heloehlo.htm
>>>
>>> Mark
>>>
>>> Mark Campbell
>>> --
>>> IT Convergence OS Administrator <mcampbell at itconvergence.com>
>>>
>>>
>>> -----Original Message-----
>>> From: MailScanner mailing list [mailto:MAILSCANNER at JISCMAIL.AC.UK]
>>> On Behalf Of Jim Dickenson
>>> Sent: Friday, February 11, 2005 4:48 PM
>>> To: MAILSCANNER at JISCMAIL.AC.UK
>>> Subject: OT Sendmail configuration question
>>>
>>> Some time ago there was talk on this list about using a relatively
>>> new option in sendmail. As I recall there is some option that allows
>>> one to delay the response to a helo or ehlo line. The theory was
>>> that spammers could not afford to wait when sending messages and
>>> they would not wait for the delay time.
>>>
>>> Can someone remind me what the command was.
>>>
>>> I tried to search the archive but not knowing exactly what I am
>>> searching for I did not find the past messages.
>>>
>>> Thanks,
>>> --
>>> Jim Dickenson
>>> mailto:dickenson at cfmc.com
>>>
>>> CfMC
>>> http://www.cfmc.com/
>>>
>>> ------------------------ MailScanner list ------------------------
>>> To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
>>> 'leave mailscanner' in the body of the email.
>>> Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
>>> the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
>>>
>>> Support MailScanner development - buy the book off the website!
>>>
>>> ------------------------ MailScanner list ------------------------
>>> To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
>>> 'leave mailscanner' in the body of the email.
>>> Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
>>> the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
>>>
>>> Support MailScanner development - buy the book off the website!
>>>
>>> ------------------------ MailScanner list ------------------------
>>> To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
>>> 'leave mailscanner' in the body of the email.
>>> Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
>>> the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
>>>
>>> Support MailScanner development - buy the book off the website!
>>
>> ------------------------ MailScanner list ------------------------ To
>> unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
>> 'leave mailscanner' in the body of the email.
>> Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
>> the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
>>
>> Support MailScanner development - buy the book off the website!
>>
>> ------------------------ MailScanner list ------------------------ To
>> unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
>> 'leave mailscanner' in the body of the email.
>> Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
>> the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
>>
>> Support MailScanner development - buy the book off the website!
>
> ------------------------ MailScanner list ------------------------ To
> unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
> 'leave mailscanner' in the body of the email.
> Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and the
> archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
>
> Support MailScanner development - buy the book off the website!
>
> --
> This message has been scanned for viruses and dangerous content by
> MailScanner, and is believed to be clean.
> MailScanner thanks transtec Computers for their support.
>
> ------------------------ MailScanner list ------------------------ To
> unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
> 'leave mailscanner' in the body of the email.
> Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and the
> archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
>
> Support MailScanner development - buy the book off the website!

------------------------ MailScanner list ------------------------ To
unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and the
archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

Support MailScanner development - buy the book off the website!

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the MAQ (http://www.mailscanner.biz/maq/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

Support MailScanner development - buy the book off the website!




More information about the MailScanner mailing list