sendmail greet_pause feature

Plant, Dean dean.plant at
Wed Feb 1 16:07:40 GMT 2006

Should this be used as a replacement to greylisting or can it be used
along side?


-----Original Message-----
From: mailscanner-bounces at
[mailto:mailscanner-bounces at] On Behalf Of Jim
Sent: 01 February 2006 08:12
To: MailScanner mailing list
Subject: OT: sendmail greet_pause feature

Perhaps other sendmail users know all about this, but I have only looked

at it for the first time.

I run sendmail 8.13.1 and have decided to implement the greet_pause
feature for the first time (after seeing that it is a default option in
Debian installations).  This requires a specified delay after
which can be network specific, before a client system is allowed to send
any SMTP commands.  Any client that breaks normal SMTP protocols by
to force commands before receiving the go-ahead is immediately
disconnected.  This seems to distinguish very successfully between
mailers and spammers/viruses that are not RFC-compliant.

Using a 5 second delay I have found that the system has blocked over
connections in the first 24 hours I used it.  The client systems were
typical of spammers, with adsl/ppp/dhcp/dialup/cable/cpe type hostnames
no PTR record at all.  I found only four systems in the blocked group
looked as if they were genuine.  On further investigation I found that
earlier log records for some of those sites indicated behaviour typical
virus infections in any case.

To implement the feature:

Add the following to the file:

	FEATURE(`greet_pause', `5000')dnl 5 seconds

Rebuild sendmail and restart MailScanner:

	m4 < >
	service MailScanner restart

Then specific entries for client hostname, domain, IP address or subnet 
can be put in the access file:

	GreetPause:my.domain    0  5000
	GreetPause:10.1.2       2000
	GreetPause:    0

Definitely worth a look I would say, as it blocks large numbers of 
spammers before they are allowed to send any data, with very low risk of

blocking genuine systems.  It even seems to allow genuine mail from 
infected systems to be accepted while blocking viruses from those same 
systems before the DATA phase - as many viruses seem to behave rather
impolitely :-)


Jim Holland
System Administrator
MANGO - Zimbabwe's non-profit e-mail service

MailScanner mailing list
MailScanner at

Before posting, read

Support MailScanner development - buy the book off the website! 

More information about the MailScanner mailing list