sender verification

Stephen Swaney steve.swaney at FSL.COM
Wed May 11 17:10:52 IST 2005


> -----Original Message-----
> From: MailScanner mailing list [mailto:MAILSCANNER at JISCMAIL.AC.UK] On
> Behalf Of Jeff A. Earickson
> Sent: Wednesday, May 11, 2005 11:30 AM
> To: MAILSCANNER at JISCMAIL.AC.UK
> Subject: Re: sender verification
>
> I have been running with a greet_pause setting of 7000 for quite a
> while, with a couple of GreetPause settings for 5000 to fix a couple
> of problem sites.  It has worked well.  I had problems with some big
> ISPs (notably Verizon) when I got up around the 15 second range.
>
> Jeff Earickson
> Colby College
>
> On Wed, 11 May 2005, Stephen Swaney wrote:
>

We have a relatively small sample of emails on our test server so I'd second
Jeff's settings of 5000 to 7500 ms. The traffic I've seen on possible
settings also seems to indicate that there is not much gain from higher
settings but much more possible pain.

Steve


Steve Swaney
President
Fortress Systems Ltd.
Phone: 202 338-1670
Cell: 202 352-3262
www.fsl.com
steve.swaney at fsl.com

> > Date: Wed, 11 May 2005 11:10:26 -0400
> > From: Stephen Swaney <steve.swaney at FSL.COM>
> > Reply-To: MailScanner mailing list <MAILSCANNER at JISCMAIL.AC.UK>
> > To: MAILSCANNER at JISCMAIL.AC.UK
> > Subject: Re: sender verification
> >
> >> -----Original Message-----
> >> From: MailScanner mailing list [mailto:MAILSCANNER at JISCMAIL.AC.UK] On
> >> Behalf Of BB
> >> Sent: Wednesday, May 11, 2005 10:26 AM
> >> To: MAILSCANNER at JISCMAIL.AC.UK
> >> Subject: Re: sender verification
> >>
> >> Don't think it could be done selectively but you could put this in your
> >> sendmail.mc
> >>
> >> FEATURE(`greet_pause',`30000')dnl
> >>
> >> Then do your m4 rebuild.
> >>
> >> Spermmers are very inpatient.
> >>
> >>
> >
> > Some caveats:
> >
> > I believe this feature is only available in sendmail 8.13.x
> >
> > The 30 second delay may be a bit much. Our testing indicates that we get
> > substantial valid spam rejections at 15000 (15 seconds) and don't seem
> to
> > have any false positives. I remember seeing some warnings about some
> large
> > ISP's balking at much over 25 seconds. Most spammers will take very
> little
> > delay :)
> >
> > Also you can define systems that do not get any delay in your
> > /etc/mail/access file:
> >
> >        # systems that get no greet_pause delay
> >        192.168.123.1           0
> >        10.1.1.100                      0
> >
> > Descriptions of this and other 8.13.x features can be found at:
> >
> > http://www.technoids.org/dossed.html#1.1.
> >
> > These include:
> >        Limiting the Rate of Incoming Connections
> >        Limiting Simultaneous Connections
> >        Thwarting Dictionary Attacks
> >        Blocking Slammers with the greet_pause Feature
> >
> > I would be good to hear from MailScanners who have implemented any of
> these
> > features. We're still testing right now.
> >
> > Steve
> >
> > Steve Swaney
> > President
> > Fortress Systems Ltd.
> > www.fsl.com
> > steve.swaney at fsl.com
> >
> >
> >> On 5/11/05, Jim Holland <mailscanner at mango.zw> wrote:
> >>
> >>       Hi Jan-Peter
> >>
> >>       On Wed, 11 May 2005, Jan-Peter Koopmann wrote:
> >>
> >>      >> That is why I would
> >>      >> like to see this being implemented after receipt of the
> >>      >> message - just as DNSBL and other checks are carried out
> >>      >> afterwards by MailScanner.
> >>      >
> >>      > I use DNSBL at MTA level and with SpamAssassin. If the IP
> triggers
> >> one
> >>      > of two RBLs I trust the message is rejected. If it hits one of
> >> several
> >>      > other RBLs I slow down the SMTP protocol (enforcing
> >> synchronization) and
> >>      > catch quite a lot of spam with that.
> >>
> >>       I am not familiar with how to slow down the SMTP connection
> >> selectively -
> >>       I don't think this is a feature that sendmail offers.
> >>
> >>      > To be honest: I would think of this as unneccessary overhead.
> Why
> >> don't
> >>      > you simply verify the sender address at MTA level, add a header
> to
> >> the
> >>      > message in case the verify fails and then write a simple
> >> SpamAssassin
> >>      > rule for this? That's what we do here. It's quick and no code
> has
> >> to be
> >>      > changed. I'm not sure how easy this is with sendmail but with
> exim
> >> this
> >>      > is a matter of minutes.
> >>
> >>       Again, I don't know of any easy method of doing this with
> sendmail
> >> without
> >>       writing a special milter.
> >>
> >>      > New code in MailScanner only brings the possibility of new
> errors
> >> as the
> >>      > code gets more and more complex, especially since the feature
> you
> >> want
> >>      > would mean implementing/using SMTP. The only advantage would be
> >> that
> >>      > people not using SpamAssassin could use this functionality. I
> >> doubt
> >>      > there are many people out there that fit this definition though.
> >> :-)
> >>
> >>       Sadly I am in fact in this category.  The current server could
> not
> >> cope.
> >>       However there is a new server sitting on my desk that I have just
> >> loaded
> >>       with CentOS (RHEL4 clone).  Now to try Exim, SpamAssassin etc . .
> .
> >>
> >>       Thanks for your feedback.
> >>
> >>       Regards
> >>
> >>       Jim Holland
> >>       System Administrator
> >>       MANGO - Zimbabwe's non-profit e-mail service
> >>
> >>       ------------------------ MailScanner list -----------------------
> -
> >>       To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
> >>       'leave mailscanner' in the body of the email.
> >>       Before posting, read the Wiki (http://wiki.mailscanner.info/) and
> >>       the archives ( http://www.jiscmail.ac.uk/lists/mailscanner.html
> >> <http://www.jiscmail.ac.uk/lists/mailscanner.html> ).
> >>
> >>       Support MailScanner development - buy the book off the website!
> >>
> >>
> >>
> >> ------------------------ MailScanner list ------------------------
> >> To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
> >> 'leave mailscanner' in the body of the email.
> >> Before posting, read the Wiki (http://wiki.mailscanner.info/)
> >> and the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
> >>
> >> Support MailScanner development - buy the book off the website!
> >
> > ------------------------ MailScanner list ------------------------
> > To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
> > 'leave mailscanner' in the body of the email.
> > Before posting, read the Wiki (http://wiki.mailscanner.info/) and
> > the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
> >
> > Support MailScanner development - buy the book off the website!
> >
>
> ------------------------ MailScanner list ------------------------
> To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
> 'leave mailscanner' in the body of the email.
> Before posting, read the Wiki (http://wiki.mailscanner.info/) and
> the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
>
> Support MailScanner development - buy the book off the website!

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

Support MailScanner development - buy the book off the website!




More information about the MailScanner mailing list