OT: How do you block servers sending oversize messages?

Scott Silva ssilva at sgvwater.com
Thu Oct 19 17:14:20 IST 2006


> Jim Holland wrote:
>> This is a sendmail problem, but hope it's OK to ask here.
>>
>> MANGO has only a 64k connection to the Internet.  We have a major
>> problem with ISPs (mainly Yahoo and Gmail) that don't implement the
>> SMTP SIZE extension.  So when they send us a 10 MB message, for
>> example, we can't reject the message until they have sent us the whole
>> message.  That is a total and serious waste of bandwidth, particularly
>> when some idiot sends us half a dozen 10 MB bmp files for example.
>>
>> On our side we can see the incoming df file growing in size in mqueue.in,
>> and can suspect from the sending server that it is going to be a problem,
>> but obviously can't be sure until it hits our message size limit (1.5
>> MB).  At that point the df file stops increasing in size and we know
>> it's a
>> problem.
>>
>> The manual solution at that point is to determine the sender's IP
>> address,
>> block that in the access file with an appropriate error message, kill the
>> process id associated with the connection and then delete the df
>> file.  Then wait until they next connect and get rejected, and then
>> re-enable the
>> IP in the access file once more (and hope that they don't do it all
>> over again).
>>
>> The above response is definitely worth doing during our peak times as it
>> frees up significant bandwidth.  I could (why don't I?) write a script to
>> monitor and automate the process.  However the problem is fairly
>> fundamental, and I wonder if others are concerned about this issue and
>> whether they have solutions of their own. 
>> I have written to Gmail via a third party who knows the developers there
>> and am told they will think about it and possibly implement an upgrade at
>> some stage.  I don't know how to get hold of anyone interested at Yahoo.
>>
>> Regards
>>
>> Jim Holland
>> System Administrator
>> MANGO - Zimbabwe's non-profit e-mail service
>>
> Ken A spake the following on 10/19/2006 8:54 AM:
> Why don't you put a box at some well fed colo somewhere else and filter
> incoming mail at that point? Given that 80% is spam anyway, you'd
> probably save quite a bit of bandwidth on your 64k frame. As long as you
> control the DNS you could switch back to your local box if you needed to.
> Ken A.
> Pacific.Net
>
If your bandwidth is real expensive, the reduction might even pay for this
colocated server,or even save some money. But if you can't find one in
Zimbabwe to your liking or budget, how difficult is it for you to get
something out of the country?
-- 

MailScanner is like deodorant...
You hope everybody uses it, and
you notice quickly if they don't!!!!



More information about the MailScanner mailing list