Re: Forcing Sendmail to close connection (was Re: [Mimedefang] Blocking spam senders using IPTables?)

[Aleksandar Milivojevic]

David F. Skoll wrote:
On Wed, 3 Nov 2004, Aleksandar Milivojevic wrote:

This is because we have only "error" built-in mailer in Sendmail.  If we
had "disconnect" built-in mailer, things would probably be a bit different.

From reading the Sendmail source code, it looks like Sendmail 8.13.1
treats a 421 reply code from a milter "magically", and shuts down the
connection.  See line 3376 of sendmail/milter.c and line 848 of
sendmail/srvsmtp.c.  I do not believe this "feature" exists in Sendmail
8.12.x.
It looks like some rule sets can also force the connection to be terminated
by returning 421.
Not treating it magically.  It treats it logically. ;-)
421 is used when server side of connection must close its end.  For 
example, if you send SIGTERM to Sendmail (or any other MTA), it *must* 
attempt to asynchroniously send 421 to all connected clients before it 
exits, in the hope that client will pick it up when it tries to issue 
next command.  Basically, it is a way to say client "Something is 
killing me, I wan't be able to finish this transaction, try again 
later".  Basically, after sending 421, there's no point in keeping the 
connection open anymore.

I've attempted to put this into access file on 8.12.x, and also to send 
it from MIMEDefang, and Sendmail doesn't close the connection.  So I 
guess it is something new in 8.13.x.

Also 4xx codes are temp failures, instructing client to try again 
later...  So there are some drawbacks in case of false positives.  For 
starters.  Legitimate senders will not be notified right away that teir 
mail hasn't made it (usually delay of around 5 days).  If filter becomes 
trigger happy, bunch of sites will constantly retry to deliver bunch of 
emails to you (which is good and bad, you can quicly fix the filter 
before anything is permanently rejected)...  I guess this works nicely 
with logic behind Can-It?

--
Aleksandar Milivojevic <[EMAIL PROTECTED]>Pollard Banknote Limited
Systems Administrator   1499 Buffalo Place
Tel: (204) 474-2323 ext 276 Winnipeg, MB  R3T 1L7
___
Visit http://www.mimedefang.org and http://www.canit.ca
MIMEDefang mailing list
[EMAIL PROTECTED]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang

Forcing Sendmail to close connection (was Re: [Mimedefang] Blocking spam senders using IPTables?)

[David F. Skoll]

On Wed, 3 Nov 2004, Aleksandar Milivojevic wrote:

> This is because we have only "error" built-in mailer in Sendmail.  If we
> had "disconnect" built-in mailer, things would probably be a bit different.

>From reading the Sendmail source code, it looks like Sendmail 8.13.1
treats a 421 reply code from a milter "magically", and shuts down the
connection.  See line 3376 of sendmail/milter.c and line 848 of
sendmail/srvsmtp.c.  I do not believe this "feature" exists in Sendmail
8.12.x.

It looks like some rule sets can also force the connection to be terminated
by returning 421.

Regards,

David.
___
Visit http://www.mimedefang.org and http://www.canit.ca
MIMEDefang mailing list
[EMAIL PROTECTED]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang