Date: Tue, 19 Dec 2006 19:35:47 -0500 From: Gary Palmer <gpalmer@mirapoint.com> To: freebsd-stable@FreeBSD.ORG Subject: Re: OpenBSD's spamd. Message-ID: <20061220003547.GD53372@in-addr.com> In-Reply-To: <45881546.30400@vindaloo.com> References: <200612191347.kBJDlg5c058711@lurza.secnetix.de> <45881546.30400@vindaloo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Dec 19, 2006 at 11:37:26AM -0500, Christopher Hilton wrote: > Oliver Fromme wrote: > >Dimitry Andric wrote: > > > Oliver Fromme wrote: > > > > What does stuttering mean? Is it similar to sendmail's > > > > "greet_pause" feature? > > > > > > See here: > > > http://www.ualberta.ca/~beck/nycbug06/spamd/mgp00014.html > > > >OK, so the answer to my question seems to be "yes". :-) > > > > Actually I'd say it's similar. If you telnet to port 25 on a server > that's using sendmail's greet_pause option I'm assuming that you get > nothing for 5 seconds. OpenSD's Spamd sends the initial greeting at a > rate of one character per second and only accepts data from you at the > same rate. > > Through experimentation Bob Beck determined that many spammers were > dropping the connection and forgetting about delivering the mail > completely after short and shorter intervals if the connection was rate > limited to 1 character / sec. When the spammers got down to 3 seconds he > modified spamd to stutter for 10 seconds on any connection. That feature > came in on OpenBSD 3.8 The exim MTA has this comment relating to the SMTP banner /* It seems that CC:Mail is braindead, and assumes that the greeting message is all contained in a single IP packet. The original code wrote out the greeting using several calls to fprint/fputc, and on busy servers this could cause it to be split over more than one packet - which caused CC:Mail to fall over when it got the second part of the greeting after sending its first command. Sigh. To try to avoid this, build the complete greeting message first, and output it in one fell swoop. This gives a better chance of it ending up as a single packet. */ I'm wondering how many CC:Mail servers are still out there and if they're still broken in this regard. That could leave the "stutter" with false positives....
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20061220003547.GD53372>