sender verification

Jeff A. Earickson jaearick at COLBY.EDU
Wed May 11 16:29:43 IST 2005


I have been running with a greet_pause setting of 7000 for quite a
while, with a couple of GreetPause settings for 5000 to fix a couple
of problem sites.  It has worked well.  I had problems with some big
ISPs (notably Verizon) when I got up around the 15 second range.

Jeff Earickson
Colby College

On Wed, 11 May 2005, Stephen Swaney wrote:

> Date: Wed, 11 May 2005 11:10:26 -0400
> From: Stephen Swaney <steve.swaney at FSL.COM>
> Reply-To: MailScanner mailing list <MAILSCANNER at JISCMAIL.AC.UK>
> To: MAILSCANNER at JISCMAIL.AC.UK
> Subject: Re: sender verification
>
>> -----Original Message-----
>> From: MailScanner mailing list [mailto:MAILSCANNER at JISCMAIL.AC.UK] On
>> Behalf Of BB
>> Sent: Wednesday, May 11, 2005 10:26 AM
>> To: MAILSCANNER at JISCMAIL.AC.UK
>> Subject: Re: sender verification
>>
>> Don't think it could be done selectively but you could put this in your
>> sendmail.mc
>>
>> FEATURE(`greet_pause',`30000')dnl
>>
>> Then do your m4 rebuild.
>>
>> Spermmers are very inpatient.
>>
>>
>
> Some caveats:
>
> I believe this feature is only available in sendmail 8.13.x
>
> The 30 second delay may be a bit much. Our testing indicates that we get
> substantial valid spam rejections at 15000 (15 seconds) and don't seem to
> have any false positives. I remember seeing some warnings about some large
> ISP's balking at much over 25 seconds. Most spammers will take very little
> delay :)
>
> Also you can define systems that do not get any delay in your
> /etc/mail/access file:
>
>        # systems that get no greet_pause delay
>        192.168.123.1           0
>        10.1.1.100                      0
>
> Descriptions of this and other 8.13.x features can be found at:
>
> http://www.technoids.org/dossed.html#1.1.
>
> These include:
>        Limiting the Rate of Incoming Connections
>        Limiting Simultaneous Connections
>        Thwarting Dictionary Attacks
>        Blocking Slammers with the greet_pause Feature
>
> I would be good to hear from MailScanners who have implemented any of these
> features. We're still testing right now.
>
> Steve
>
> Steve Swaney
> President
> Fortress Systems Ltd.
> www.fsl.com
> steve.swaney at fsl.com
>
>
>> On 5/11/05, Jim Holland <mailscanner at mango.zw> wrote:
>>
>>       Hi Jan-Peter
>>
>>       On Wed, 11 May 2005, Jan-Peter Koopmann wrote:
>>
>>      >> That is why I would
>>      >> like to see this being implemented after receipt of the
>>      >> message - just as DNSBL and other checks are carried out
>>      >> afterwards by MailScanner.
>>      >
>>      > I use DNSBL at MTA level and with SpamAssassin. If the IP triggers
>> one
>>      > of two RBLs I trust the message is rejected. If it hits one of
>> several
>>      > other RBLs I slow down the SMTP protocol (enforcing
>> synchronization) and
>>      > catch quite a lot of spam with that.
>>
>>       I am not familiar with how to slow down the SMTP connection
>> selectively -
>>       I don't think this is a feature that sendmail offers.
>>
>>      > To be honest: I would think of this as unneccessary overhead. Why
>> don't
>>      > you simply verify the sender address at MTA level, add a header to
>> the
>>      > message in case the verify fails and then write a simple
>> SpamAssassin
>>      > rule for this? That's what we do here. It's quick and no code has
>> to be
>>      > changed. I'm not sure how easy this is with sendmail but with exim
>> this
>>      > is a matter of minutes.
>>
>>       Again, I don't know of any easy method of doing this with sendmail
>> without
>>       writing a special milter.
>>
>>      > New code in MailScanner only brings the possibility of new errors
>> as the
>>      > code gets more and more complex, especially since the feature you
>> want
>>      > would mean implementing/using SMTP. The only advantage would be
>> that
>>      > people not using SpamAssassin could use this functionality. I
>> doubt
>>      > there are many people out there that fit this definition though.
>> :-)
>>
>>       Sadly I am in fact in this category.  The current server could not
>> cope.
>>       However there is a new server sitting on my desk that I have just
>> loaded
>>       with CentOS (RHEL4 clone).  Now to try Exim, SpamAssassin etc . . .
>>
>>       Thanks for your feedback.
>>
>>       Regards
>>
>>       Jim Holland
>>       System Administrator
>>       MANGO - Zimbabwe's non-profit e-mail service
>>
>>       ------------------------ MailScanner list ------------------------
>>       To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
>>       'leave mailscanner' in the body of the email.
>>       Before posting, read the Wiki (http://wiki.mailscanner.info/) and
>>       the archives ( http://www.jiscmail.ac.uk/lists/mailscanner.html
>> <http://www.jiscmail.ac.uk/lists/mailscanner.html> ).
>>
>>       Support MailScanner development - buy the book off the website!
>>
>>
>>
>> ------------------------ MailScanner list ------------------------
>> To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
>> 'leave mailscanner' in the body of the email.
>> Before posting, read the Wiki (http://wiki.mailscanner.info/)
>> and the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
>>
>> Support MailScanner development - buy the book off the website!
>
> ------------------------ MailScanner list ------------------------
> To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
> 'leave mailscanner' in the body of the email.
> Before posting, read the Wiki (http://wiki.mailscanner.info/) and
> the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
>
> Support MailScanner development - buy the book off the website!
>

------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).

Support MailScanner development - buy the book off the website!




More information about the MailScanner mailing list