Jeremy Kister wrote:
On 3/3/2006 10:28 AM, Michael Krieger wrote:
An SMTP server MUST NOT intentionally close the connection except:
- After receiving a QUIT command and responding with a 221 reply.
- After detecting the need to shut down the SMTP service and
returning a 421 response code. This response code can be issued
after the server receives any command or, if necessary,
asynchronously from command receipt (on the assumption that the
client will receive it after the next command is issued).
Not to turn this into a RFC contest on the wrong mailing list, but we
must be interpreting that differently --
my qmail-1.03.isp.patch will close a connection after a defined number
of errors. I claim RFC 2821 #3.9 compatibility, because before
closing the connection, I send a 400 error. I have the 'need' to
close the connection, because I no longer want to hear from this
abuser, and he is automatically entered into tcp.smtp.cdb for rejection.
Just my 0.02c: I have been doing this for months with custom patches...
I generally stop dictionary attacks this way, as well as some folks who
send me a "GET / HTTP 1.(0|1)" request on port 25.
--
Jorge Valdes
Intercom El Salvador
[EMAIL PROTECTED]
voz: ++(503) 2278-5068
fax: ++(503) 2265-7025