> Sam Varshavchik wrote: >> Not really. Most SMTP senders will try again if they get disconnected in >> this manner, > > This is not the case using rblsmtpd, because there is a minimal smtp > conversation declaring the sender as spammer and closing gracefully the > smtp > connection. > > Could courier-smtp do the same thing? It's important for me.
Sam, it seems this kind or problem is becoming more common. May be you should think in some other aproach to face this. May be some runtime configuration option where we could set submit to end the smtp handshake and realease the socket when a blacklisted IP is found (as some other errors like user unknown, SPF hard error, relay denied,...). Sandro, this issue was already discussed before: http://sourceforge.net/mailarchive/message.php?msg_name=2a2a999b463a423bb4fc685953cd2...@task.com.br and http://sourceforge.net/mailarchive/message.php?msg_name=57e1d670b1439e830f741874a6444...@localhost My current aproach is to use ps-watcher to kill submit when its a suspect zombie attacked one. My esmtpd MAXDAEMONS is 450. I have lines like this on ps-wacher.conf: ----------------------------------------------------------------------- # Restart esmtpd if too many daemons running. Send email notifying. [courieresmtpd] trigger = $count > 440 action = <<EOT /usr/sbin/esmtpd stop /bin/echo -e "To: ema...@domain.com\\nfrom: pswatch...@domain.com\\nsubject: `hostname -s` courieresmtpd restarting\\n\\ncourie /bin/sleep 3 /usr/sbin/esmtpd start EOT # Kill submit ppid (courieresmtpd) when its on defunct [submit] trigger = ('$state' =~ /Z/) occurs = every action = /bin/kill -14 $ppid ---------------------------------------------------------------------------- For a more agressive aproach you could kill non authenticated users after a 20 minutes connection, but this could kill valid connections when receiving large emails through slow links. Use this submit zone: # Kill submit ppid (courieresmtpd) when its on defunct or a suspect zombie [submit] trigger = ('$state' =~ /Z/) || (('$args' =~ 'submit -src=smtp esmtp dns; .*') && (elapsed2secs('$etime') > 20*MINS)) occurs = every action = /bin/kill -14 $ppid --------------------------------------------------------------------------- Marcus Pereira ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july _______________________________________________ courier-users mailing list courier-users@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users