On 2006-12-22, at 1308, Erwin Hoffmann wrote:
introducing a delay in qmail-smtpd EHLO greeting by about 30 secs will
reduce the amount of spam emails by typically 50%.
In case you believe it or even if don't believe it, use my 5 line
patch for
qmail-smtpd.c available here:
http://www.fehcom.de/qmail/qmail.html
you can take the same thing one step further... many spam programs
send their first command without waiting for the server to send the
initial banner. this is a violation of RFC 2821 section 3.2, and RFC
821 section 4.3, both of which say that the client is supposed to
wait for the server's greeting before sending anything.
http://qmail.jms1.net/patches/greetdelay2.patch adds logic to hang up
on clients who "jump the gun" line this. basically, instead of
calling sleep(), it calls timeoutread() and barfs if it gets any
result other than "timeout".
i'd like to hear others' thoughts about this before i add it to my
own combined patch- is it a good idea? are there any "legitimate"
clients (MTAs or MUAs) out there which ignore this part of the RFC,
and if so are there enough to prevent this idea from being widely used?
--------------------------------------------------
| John M. Simpson - KG4ZOW - Programmer At Large |
| http://www.jms1.net/ <jms1@jms1.net> |
--------------------------------------------------
| Mac OS X proves that it's easier to make UNIX |
| pretty than it is to make Windows secure. |
--------------------------------------------------
PGP.sig
Description: This is a digitally signed message part
|