sender verification
Jeff A. Earickson
jaearick at COLBY.EDU
Wed May 11 16:29:43 IST 2005
I have been running with a greet_pause setting of 7000 for quite a
while, with a couple of GreetPause settings for 5000 to fix a couple
of problem sites. It has worked well. I had problems with some big
ISPs (notably Verizon) when I got up around the 15 second range.
Jeff Earickson
Colby College
On Wed, 11 May 2005, Stephen Swaney wrote:
> Date: Wed, 11 May 2005 11:10:26 -0400
> From: Stephen Swaney <steve.swaney at FSL.COM>
> Reply-To: MailScanner mailing list <MAILSCANNER at JISCMAIL.AC.UK>
> To: MAILSCANNER at JISCMAIL.AC.UK
> Subject: Re: sender verification
>
>> -----Original Message-----
>> From: MailScanner mailing list [mailto:MAILSCANNER at JISCMAIL.AC.UK] On
>> Behalf Of BB
>> Sent: Wednesday, May 11, 2005 10:26 AM
>> To: MAILSCANNER at JISCMAIL.AC.UK
>> Subject: Re: sender verification
>>
>> Don't think it could be done selectively but you could put this in your
>> sendmail.mc
>>
>> FEATURE(`greet_pause',`30000')dnl
>>
>> Then do your m4 rebuild.
>>
>> Spermmers are very inpatient.
>>
>>
>
> Some caveats:
>
> I believe this feature is only available in sendmail 8.13.x
>
> The 30 second delay may be a bit much. Our testing indicates that we get
> substantial valid spam rejections at 15000 (15 seconds) and don't seem to
> have any false positives. I remember seeing some warnings about some large
> ISP's balking at much over 25 seconds. Most spammers will take very little
> delay :)
>
> Also you can define systems that do not get any delay in your
> /etc/mail/access file:
>
> # systems that get no greet_pause delay
> 192.168.123.1 0
> 10.1.1.100 0
>
> Descriptions of this and other 8.13.x features can be found at:
>
> http://www.technoids.org/dossed.html#1.1.
>
> These include:
> Limiting the Rate of Incoming Connections
> Limiting Simultaneous Connections
> Thwarting Dictionary Attacks
> Blocking Slammers with the greet_pause Feature
>
> I would be good to hear from MailScanners who have implemented any of these
> features. We're still testing right now.
>
> Steve
>
> Steve Swaney
> President
> Fortress Systems Ltd.
> www.fsl.com
> steve.swaney at fsl.com
>
>
>> On 5/11/05, Jim Holland <mailscanner at mango.zw> wrote:
>>
>> Hi Jan-Peter
>>
>> On Wed, 11 May 2005, Jan-Peter Koopmann wrote:
>>
>> >> That is why I would
>> >> like to see this being implemented after receipt of the
>> >> message - just as DNSBL and other checks are carried out
>> >> afterwards by MailScanner.
>> >
>> > I use DNSBL at MTA level and with SpamAssassin. If the IP triggers
>> one
>> > of two RBLs I trust the message is rejected. If it hits one of
>> several
>> > other RBLs I slow down the SMTP protocol (enforcing
>> synchronization) and
>> > catch quite a lot of spam with that.
>>
>> I am not familiar with how to slow down the SMTP connection
>> selectively -
>> I don't think this is a feature that sendmail offers.
>>
>> > To be honest: I would think of this as unneccessary overhead. Why
>> don't
>> > you simply verify the sender address at MTA level, add a header to
>> the
>> > message in case the verify fails and then write a simple
>> SpamAssassin
>> > rule for this? That's what we do here. It's quick and no code has
>> to be
>> > changed. I'm not sure how easy this is with sendmail but with exim
>> this
>> > is a matter of minutes.
>>
>> Again, I don't know of any easy method of doing this with sendmail
>> without
>> writing a special milter.
>>
>> > New code in MailScanner only brings the possibility of new errors
>> as the
>> > code gets more and more complex, especially since the feature you
>> want
>> > would mean implementing/using SMTP. The only advantage would be
>> that
>> > people not using SpamAssassin could use this functionality. I
>> doubt
>> > there are many people out there that fit this definition though.
>> :-)
>>
>> Sadly I am in fact in this category. The current server could not
>> cope.
>> However there is a new server sitting on my desk that I have just
>> loaded
>> with CentOS (RHEL4 clone). Now to try Exim, SpamAssassin etc . . .
>>
>> Thanks for your feedback.
>>
>> Regards
>>
>> Jim Holland
>> System Administrator
>> MANGO - Zimbabwe's non-profit e-mail service
>>
>> ------------------------ MailScanner list ------------------------
>> To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
>> 'leave mailscanner' in the body of the email.
>> Before posting, read the Wiki (http://wiki.mailscanner.info/) and
>> the archives ( http://www.jiscmail.ac.uk/lists/mailscanner.html
>> <http://www.jiscmail.ac.uk/lists/mailscanner.html> ).
>>
>> Support MailScanner development - buy the book off the website!
>>
>>
>>
>> ------------------------ MailScanner list ------------------------
>> To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
>> 'leave mailscanner' in the body of the email.
>> Before posting, read the Wiki (http://wiki.mailscanner.info/)
>> and the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
>>
>> Support MailScanner development - buy the book off the website!
>
> ------------------------ MailScanner list ------------------------
> To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
> 'leave mailscanner' in the body of the email.
> Before posting, read the Wiki (http://wiki.mailscanner.info/) and
> the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
>
> Support MailScanner development - buy the book off the website!
>
------------------------ MailScanner list ------------------------
To unsubscribe, email jiscmail at jiscmail.ac.uk with the words:
'leave mailscanner' in the body of the email.
Before posting, read the Wiki (http://wiki.mailscanner.info/) and
the archives (http://www.jiscmail.ac.uk/lists/mailscanner.html).
Support MailScanner development - buy the book off the website!
More information about the MailScanner
mailing list