sendmail greet_pause feature

Oliver Falk oliver at linux-kernel.at
Wed Feb 1 11:50:15 GMT 2006


On 02/01/2006 11:49 AM, Randal, Phil wrote:
> You could always try grabbing the Centos 4.2 sendmail 8.13 source RPM
> and rebuilding:
> 
>   rpm --rebuild
> http://anorien.csc.warwick.ac.uk/mirrors/centos/4.2/os/SRPMS/sendmail-8.
> 13.1-2.src.rpm
> 
> for example, and then installing (and reconfiguring as necessary).

Go to http://rpms.linux-kernel.at/ and search for sendmail. You'll find 
srpms that will work fine with CentOS and you'll also find rpms for 
CentOS 3 and 4.1.

Best,
  Oliver

> Cheers,
> 
> Phil
> 
> ----
> Phil Randal
> Network Engineer
> Herefordshire Council
> Hereford, UK  
> 
>> -----Original Message-----
>> From: mailscanner-bounces at lists.mailscanner.info 
>> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf 
>> Of Roger Jochem
>> Sent: 01 February 2006 10:26
>> To: MailScanner discussion
>> Subject: Re: sendmail greet_pause feature
>>
>> I'm using the rpm version of sendmail in my centos-3 box 
>> (sendmail 8.12) and I would like to upgrade to sendmail 8.13 
>> to use this feature, that seems really great. Is there some 
>> problem I should be aware, or the tar.gz version found at 
>> sendmail.org would work fine on my machine? Anyone using 8.13 at
>> centos-3 or some similar OS?
>>
>> Regards
>>
>> Roger Jochem
>>
>> ----- Original Message -----
>> From: "Anders Andersson, IT" <anders.andersson at ltkalmar.se>
>> To: "MailScanner discussion" <mailscanner at lists.mailscanner.info>
>> Sent: Wednesday, February 01, 2006 8:01 AM
>> Subject: RE: sendmail greet_pause feature
>>
>>
>>>> -----Original Message-----
>>>> From: mailscanner-bounces at lists.mailscanner.info
>>>> [mailto:mailscanner-bounces at lists.mailscanner.info] On Behalf
>>>> Of Jim Holland
>>>> Sent: Wednesday, February 01, 2006 9:12 AM
>>>> To: MailScanner mailing list
>>>> Subject: OT: sendmail greet_pause feature
>>>>
>>>> Perhaps other sendmail users know all about this, but I have
>>>> only looked at it for the first time.
>>>>
>>>> I run sendmail 8.13.1 and have decided to implement the
>>>> greet_pause feature for the first time (after seeing that it
>>>> is a default option in Debian installations).  This requires
>>>> a specified delay after connection, which can be network
>>>> specific, before a client system is allowed to send any SMTP
>>>> commands.  Any client that breaks normal SMTP protocols by
>>>> trying to force commands before receiving the go-ahead is
>>>> immediately disconnected.  This seems to distinguish very
>>>> successfully between genuine mailers and spammers/viruses
>>>> that are not RFC-compliant.
>>>>
>>>> Using a 5 second delay I have found that the system has
>>>> blocked over 3200 connections in the first 24 hours I used
>>>> it.  The client systems were all typical of spammers, with
>>>> adsl/ppp/dhcp/dialup/cable/cpe type hostnames or no PTR
>>>> record at all.  I found only four systems in the blocked
>>>> group that looked as if they were genuine.  On further
>>>> investigation I found that earlier log records for some of
>>>> those sites indicated behaviour typical of virus infections
>>>> in any case.
>>> I second that, thoguh I raised mine to 25 sec just for the 
>> fun of it. I
>>> started low but raised it by 5 sec eeverytime and its been running
>>> smooth. So far no one complained and the ones we have a great
>>> mailexchange with been added to acces list
>>>
>>> /Anders
>>>
>>>> To implement the feature:
>>>>
>>>> Add the following to the sendmail.mc file:
>>>>
>>>> FEATURE(`greet_pause', `5000')dnl 5 seconds
>>>>
>>>> Rebuild sendmail and restart MailScanner:
>>>>
>>>> m4 < sendmail.mc > sendmail.cf
>>>> service MailScanner restart
>>>>
>>>> Then specific entries for client hostname, domain, IP address
>>>> or subnet can be put in the access file:
>>>>
>>>> GreetPause:my.domain    0
>>>> GreetPause:example.com  5000
>>>> GreetPause:10.1.2       2000
>>>> GreetPause:127.0.0.1    0
>>>>
>>>> Definitely worth a look I would say, as it blocks large
>>>> numbers of spammers before they are allowed to send any data,
>>>> with very low risk of blocking genuine systems.  It even
>>>> seems to allow genuine mail from infected systems to be
>>>> accepted while blocking viruses from those same systems
>>>> before the DATA phase - as many viruses seem to behave rather
>>>> impolitely :-)
>>>>
>>>> Regards
>>>>
>>>> Jim Holland
>>>> System Administrator
>>>> MANGO - Zimbabwe's non-profit e-mail service
>>> -- 
>>> MailScanner mailing list
>>> MailScanner at lists.mailscanner.info
>>> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>>>
>>> Before posting, read http://wiki.mailscanner.info/posting
>>>
>>> Support MailScanner development - buy the book off the website! 
>> -- 
>> MailScanner mailing list
>> MailScanner at lists.mailscanner.info
>> http://lists.mailscanner.info/mailman/listinfo/mailscanner
>>
>> Before posting, read http://wiki.mailscanner.info/posting
>>
>> Support MailScanner development - buy the book off the website! 
>>



More information about the MailScanner mailing list