On Tuesday, Apr 26th 2005 at 10:19 -0400, quoth Bruce Dawson: =>On Mon, 2005-04-25 at 21:54 -0400, Benjamin Scott wrote: =>> On Apr 25 at 3:13pm, Bruce Dawson wrote: =>> > Steven: Thanks for the clarification. I was under the impression that the =>> > milter is called only after the message had been received. =>> Obviously, in order to do content analysis or other magic on a message, you =>> have to receive the content. As I understand it, what these tools do is allow =>> the SMTP "DATA" verb to be sent, and to receive some or all of the data from =>> the sender. Then, before the SMTP result code 250 ("Message accepted for =>> delivery") code is sent, the filter runs and makes a decision. If the message =>> fails, an SMTP error status code is sent instead. => =>Hmmm. So milters actually won't be much good for reducing the amount of =>bandwidth occupied by spam - most of the message comes through before a =>decision is made. => =>My observation has been that some spammers don't wait for the 250 reply, =>and will just cut the connection after sending the "dot" command. => =>--Bruce =>
One of the solutions to that problem is to use the new greet_pause feature. It attacks the problem at the begging instead of at the end: greet_pause Adds the greet_pause ruleset which enables open proxy and SMTP slamming protection. The feature can take an argument specifying the milliseconds to wait: FEATURE(`greet_pause', `5000') dnl 5 seconds If FEATURE(`access_db') is enabled, an access database lookup with the GreetPause tag is done using client hostname, domain, IP address, or subnet to determine the pause time: GreetPause:my.domain 0 GreetPause:example.com 5000 GreetPause:10.1.2 2000 GreetPause:127.0.0.1 0 When using FEATURE(`access_db'), the optional FEATURE(`greet_pause') argument becomes the default if nothing is found in the access database. A ruleset called Local_greet_pause can be used for local modifications, e.g., LOCAL_RULESETS SLocal_greet_pause R$* $: $&{daemon_flags} R$* a $* $# 0 -- Time flies like the wind. Fruit flies like a banana. Stranger things have .0. happened but none stranger than this. Does your driver's license say Organ ..0 Donor?Black holes are where God divided by zero. Listen to me! We are all- 000 individuals! What if this weren't a hypothetical question? steveo at syslang.net _______________________________________________ gnhlug-discuss mailing list gnhlug-discuss@mail.gnhlug.org http://mail.gnhlug.org/mailman/listinfo/gnhlug-discuss