Thus said Erwin Hoffmann on Fri, 22 Dec 2006 19:08:56 +0100:
> introducing a delay in qmail-smtpd EHLO greeting by about 30 secs will
> reduce the amount of spam emails by typically 50%.
Here's a semi-scientific proof of this:
http://www.armory.com/~spcecdt/spamware/
> Actually, I couldn't believe it by myself; but it works high
> efficient.
Yes, after reading John's write up of this, I also wrote something to
deal with it, however, I didn't patch qmail to achieve it. I simply
wrote a script called /var/qmail/bin/qmail-smtpdsleep and then call it
in my qmail-smtpd run script:
tcpserver -v -p ... \
/var/qmail/bin/qmail-smtpdsleep \
/var/qmail/bin/qmail-smtpd 2>&1
Here is the qmail-smtpdsleep program:
#!/bin/sh
if [ x"$NOSLEEP" = "x" ]
then
exec ${1+"$@"}
fi
sleep "$NOSLEEP"
exec ${1+"$@"}
This has the benefit of first, not patching qmail, and second being able
to control who this is aimed at (and also how long to sleep) by simply
setting NOSLEEP in my tcprules.
For example:
=.suspect:allow,NOSLEEP="60"
:allow,NOSLEEP="31"
Andy
--
[-----------[system uptime]--------------------------------------------]
11:38am up 21 days, 16:35, 4 users, load average: 1.32, 1.50, 1.54
|