From owner-freebsd-stable@FreeBSD.ORG Wed Dec 20 00:51:26 2006 Return-Path: X-Original-To: freebsd-stable@FreeBSD.ORG Delivered-To: freebsd-stable@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 7151316A492 for ; Wed, 20 Dec 2006 00:51:26 +0000 (UTC) (envelope-from gpalmer@mirapoint.com) Received: from noop.in-addr.com (noop.in-addr.com [208.58.23.51]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2DACD43CBE for ; Wed, 20 Dec 2006 00:51:16 +0000 (GMT) (envelope-from gpalmer@mirapoint.com) Received: from gjp by noop.in-addr.com with local (Exim 4.54 (FreeBSD)) id 1GwpQx-000PQg-FZ for freebsd-stable@FreeBSD.ORG; Tue, 19 Dec 2006 19:35:47 -0500 Date: Tue, 19 Dec 2006 19:35:47 -0500 From: Gary Palmer To: freebsd-stable@FreeBSD.ORG Message-ID: <20061220003547.GD53372@in-addr.com> Mail-Followup-To: freebsd-stable@FreeBSD.ORG References: <200612191347.kBJDlg5c058711@lurza.secnetix.de> <45881546.30400@vindaloo.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <45881546.30400@vindaloo.com> Cc: Subject: Re: OpenBSD's spamd. X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 20 Dec 2006 00:51:26 -0000 On Tue, Dec 19, 2006 at 11:37:26AM -0500, Christopher Hilton wrote: > Oliver Fromme wrote: > >Dimitry Andric wrote: > > > Oliver Fromme wrote: > > > > What does stuttering mean? Is it similar to sendmail's > > > > "greet_pause" feature? > > > > > > See here: > > > http://www.ualberta.ca/~beck/nycbug06/spamd/mgp00014.html > > > >OK, so the answer to my question seems to be "yes". :-) > > > > Actually I'd say it's similar. If you telnet to port 25 on a server > that's using sendmail's greet_pause option I'm assuming that you get > nothing for 5 seconds. OpenSD's Spamd sends the initial greeting at a > rate of one character per second and only accepts data from you at the > same rate. > > Through experimentation Bob Beck determined that many spammers were > dropping the connection and forgetting about delivering the mail > completely after short and shorter intervals if the connection was rate > limited to 1 character / sec. When the spammers got down to 3 seconds he > modified spamd to stutter for 10 seconds on any connection. That feature > came in on OpenBSD 3.8 The exim MTA has this comment relating to the SMTP banner /* It seems that CC:Mail is braindead, and assumes that the greeting message is all contained in a single IP packet. The original code wrote out the greeting using several calls to fprint/fputc, and on busy servers this could cause it to be split over more than one packet - which caused CC:Mail to fall over when it got the second part of the greeting after sending its first command. Sigh. To try to avoid this, build the complete greeting message first, and output it in one fell swoop. This gives a better chance of it ending up as a single packet. */ I'm wondering how many CC:Mail servers are still out there and if they're still broken in this regard. That could leave the "stutter" with false positives....