sendmail greet_pause feature

Randal, Phil prandal at herefordshire.gov.uk
Wed Feb 1 10:49:08 GMT 2006 

You could always try grabbing the Centos 4.2 sendmail 8.13 source RPM
and rebuilding:

  rpm --rebuild
http://anorien.csc.warwick.ac.uk/mirrors/centos/4.2/os/SRPMS/sendmail-8.
13.1-2.src.rpm

for example, and then installing (and reconfiguring as necessary).

Cheers,

Phil

----
Phil Randal
Network Engineer
Herefordshire Council
Hereford, UK  

> -----Original Message-----
> From: mailscanner-bounces at lists.mailscanner.info 
> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf 
> Of Roger Jochem
> Sent: 01 February 2006 10:26
> To: MailScanner discussion
> Subject: Re: sendmail greet_pause feature
> 
> I'm using the rpm version of sendmail in my centos-3 box 
> (sendmail 8.12) and I would like to upgrade to sendmail 8.13 
> to use this feature, that seems really great. Is there some 
> problem I should be aware, or the tar.gz version found at 
> sendmail.org would work fine on my machine? Anyone using 8.13 at
> centos-3 or some similar OS?
> 
> Regards
> 
> Roger Jochem
> 
> ----- Original Message -----
> From: "Anders Andersson, IT" <anders.andersson at ltkalmar.se>
> To: "MailScanner discussion" <mailscanner at lists.mailscanner.info>
> Sent: Wednesday, February 01, 2006 8:01 AM
> Subject: RE: sendmail greet_pause feature
> 
> 
> >> -----Original Message-----
> >> From: mailscanner-bounces at lists.mailscanner.info
> >> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf
> >> Of Jim Holland
> >> Sent: Wednesday, February 01, 2006 9:12 AM
> >> To: MailScanner mailing list
> >> Subject: OT: sendmail greet_pause feature
> >>
> >> Perhaps other sendmail users know all about this, but I have
> >> only looked at it for the first time.
> >>
> >> I run sendmail 8.13.1 and have decided to implement the
> >> greet_pause feature for the first time (after seeing that it
> >> is a default option in Debian installations).  This requires
> >> a specified delay after connection, which can be network
> >> specific, before a client system is allowed to send any SMTP
> >> commands.  Any client that breaks normal SMTP protocols by
> >> trying to force commands before receiving the go-ahead is
> >> immediately disconnected.  This seems to distinguish very
> >> successfully between genuine mailers and spammers/viruses
> >> that are not RFC-compliant.
> >>
> >> Using a 5 second delay I have found that the system has
> >> blocked over 3200 connections in the first 24 hours I used
> >> it.  The client systems were all typical of spammers, with
> >> adsl/ppp/dhcp/dialup/cable/cpe type hostnames or no PTR
> >> record at all.  I found only four systems in the blocked
> >> group that looked as if they were genuine.  On further
> >> investigation I found that earlier log records for some of
> >> those sites indicated behaviour typical of virus infections
> >> in any case.
> >
> > I second that, thoguh I raised mine to 25 sec just for the 
> fun of it. I
> > started low but raised it by 5 sec eeverytime and its been running
> > smooth. So far no one complained and the ones we have a great
> > mailexchange with been added to acces list
> >
> > /Anders
> >
> >>
> >> To implement the feature:
> >>
> >> Add the following to the sendmail.mc file:
> >>
> >> FEATURE(`greet_pause', `5000')dnl 5 seconds
> >>
> >> Rebuild sendmail and restart MailScanner:
> >>
> >> m4 < sendmail.mc > sendmail.cf
> >> service MailScanner restart
> >>
> >> Then specific entries for client hostname, domain, IP address
> >> or subnet can be put in the access file:
> >>
> >> GreetPause:my.domain    0
> >> GreetPause:example.com  5000
> >> GreetPause:10.1.2       2000
> >> GreetPause:127.0.0.1    0
> >>
> >> Definitely worth a look I would say, as it blocks large
> >> numbers of spammers before they are allowed to send any data,
> >> with very low risk of blocking genuine systems.  It even
> >> seems to allow genuine mail from infected systems to be
> >> accepted while blocking viruses from those same systems
> >> before the DATA phase - as many viruses seem to behave rather
> >> impolitely :-)
> >>
> >> Regards
> >>
> >> Jim Holland
> >> System Administrator
> >> MANGO - Zimbabwe's non-profit e-mail service
> > -- 
> > MailScanner mailing list
> > MailScanner at lists.mailscanner.info
> > http://lists.mailscanner.info/mailman/listinfo/mailscanner
> >
> > Before posting, read http://wiki.mailscanner.info/posting
> >
> > Support MailScanner development - buy the book off the website! 
> 
> -- 
> MailScanner mailing list
> MailScanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
> 
> Before posting, read http://wiki.mailscanner.info/posting
> 
> Support MailScanner development - buy the book off the website! 
>

More information about the MailScanner mailing list