sendmail greet_pause feature
Roger Jochem
roger at rudnick.com.br
Wed Feb 1 10:57:10 GMT 2006
I will try that...
Thanks...
----- Original Message -----
From: "Randal, Phil" <prandal at herefordshire.gov.uk>
To: "MailScanner discussion" <mailscanner at lists.mailscanner.info>
Sent: Wednesday, February 01, 2006 8:49 AM
Subject: RE: sendmail greet_pause feature
> You could always try grabbing the Centos 4.2 sendmail 8.13 source RPM
> and rebuilding:
>
> rpm --rebuild
> http://anorien.csc.warwick.ac.uk/mirrors/centos/4.2/os/SRPMS/sendmail-8.
> 13.1-2.src.rpm
>
> for example, and then installing (and reconfiguring as necessary).
>
> Cheers,
>
> Phil
>
> ----
> Phil Randal
> Network Engineer
> Herefordshire Council
> Hereford, UK
>
>> -----Original Message-----
>> From: mailscanner-bounces at lists.mailscanner.info
>> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf
>> Of Roger Jochem
>> Sent: 01 February 2006 10:26
>> To: MailScanner discussion
>> Subject: Re: sendmail greet_pause feature
>>
>> I'm using the rpm version of sendmail in my centos-3 box
>> (sendmail 8.12) and I would like to upgrade to sendmail 8.13
>> to use this feature, that seems really great. Is there some
>> problem I should be aware, or the tar.gz version found at
>> sendmail.org would work fine on my machine? Anyone using 8.13 at
>> centos-3 or some similar OS?
>>
>> Regards
>>
>> Roger Jochem
>>
>> ----- Original Message -----
>> From: "Anders Andersson, IT" <anders.andersson at ltkalmar.se>
>> To: "MailScanner discussion" <mailscanner at lists.mailscanner.info>
>> Sent: Wednesday, February 01, 2006 8:01 AM
>> Subject: RE: sendmail greet_pause feature
>>
>>
>> >> -----Original Message-----
>> >> From: mailscanner-bounces at lists.mailscanner.info
>> >> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf
>> >> Of Jim Holland
>> >> Sent: Wednesday, February 01, 2006 9:12 AM
>> >> To: MailScanner mailing list
>> >> Subject: OT: sendmail greet_pause feature
>> >>
>> >> Perhaps other sendmail users know all about this, but I have
>> >> only looked at it for the first time.
>> >>
>> >> I run sendmail 8.13.1 and have decided to implement the
>> >> greet_pause feature for the first time (after seeing that it
>> >> is a default option in Debian installations). This requires
>> >> a specified delay after connection, which can be network
>> >> specific, before a client system is allowed to send any SMTP
>> >> commands. Any client that breaks normal SMTP protocols by
>> >> trying to force commands before receiving the go-ahead is
>> >> immediately disconnected. This seems to distinguish very
>> >> successfully between genuine mailers and spammers/viruses
>> >> that are not RFC-compliant.
>> >>
>> >> Using a 5 second delay I have found that the system has
>> >> blocked over 3200 connections in the first 24 hours I used
>> >> it. The client systems were all typical of spammers, with
>> >> adsl/ppp/dhcp/dialup/cable/cpe type hostnames or no PTR
>> >> record at all. I found only four systems in the blocked
>> >> group that looked as if they were genuine. On further
>> >> investigation I found that earlier log records for some of
>> >> those sites indicated behaviour typical of virus infections
>> >> in any case.
>> >
>> > I second that, thoguh I raised mine to 25 sec just for the
>> fun of it. I
>> > started low but raised it by 5 sec eeverytime and its been running
>> > smooth. So far no one complained and the ones we have a great
>> > mailexchange with been added to acces list
>> >
>> > /Anders
>> >
>> >>
>> >> To implement the feature:
>> >>
>> >> Add the following to the sendmail.mc file:
>> >>
>> >> FEATURE(`greet_pause', `5000')dnl 5 seconds
>> >>
>> >> Rebuild sendmail and restart MailScanner:
>> >>
>> >> m4 < sendmail.mc > sendmail.cf
>> >> service MailScanner restart
>> >>
>> >> Then specific entries for client hostname, domain, IP address
>> >> or subnet can be put in the access file:
>> >>
>> >> GreetPause:my.domain 0
>> >> GreetPause:example.com 5000
>> >> GreetPause:10.1.2 2000
>> >> GreetPause:127.0.0.1 0
>> >>
>> >> Definitely worth a look I would say, as it blocks large
>> >> numbers of spammers before they are allowed to send any data,
>> >> with very low risk of blocking genuine systems. It even
>> >> seems to allow genuine mail from infected systems to be
>> >> accepted while blocking viruses from those same systems
>> >> before the DATA phase - as many viruses seem to behave rather
>> >> impolitely :-)
>> >>
>> >> Regards
>> >>
>> >> Jim Holland
>> >> System Administrator
>> >> MANGO - Zimbabwe's non-profit e-mail service
>> > --
>> > MailScanner mailing list
>> > MailScanner at lists.mailscanner.info
>> > http://lists.mailscanner.info/mailman/listinfo/mailscanner
>> >
>> > Before posting, read http://wiki.mailscanner.info/posting
>> >
>> > Support MailScanner development - buy the book off the website!
>>
>> --
>> MailScanner mailing list
>> MailScanner at lists.mailscanner.info
>> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>>
>> Before posting, read http://wiki.mailscanner.info/posting
>>
>> Support MailScanner development - buy the book off the website!
>>
> --
> MailScanner mailing list
> MailScanner at lists.mailscanner.info
> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>
> Before posting, read http://wiki.mailscanner.info/posting
>
> Support MailScanner development - buy the book off the website!
More information about the MailScanner
mailing list