Hi, > That feature is in stock sendmail. It's called the greet_pause ruleset. > > FEATURE(`greet_pause', `5000') dnl 5 seconds > > causes the MTA to wait 5 seconds before greeting. You could also use > 30000 to make it be 30 seconds, though usually 5 is plenty. The problem here is that sendmail forks() before it delays the connection. This opens another weakness, especially during a DDoS attack. With the five seconds delay, you only catch the pregreeting spammer connections, with a larger delay, the spammers often give up sending anything at all.
I use kernel greatpause support together with graylisting in a second stage in my commercial email appliance. IMHO graylisting still works best to keep a lot of the connections away. If it is implemented in a clever way, you can bypass mail delays for real email traffic. -- Martin _______________________________________________ swinog mailing list swinog@lists.swinog.ch http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
