OpenBSD's spamd.

Christopher Hilton chris at vindaloo.com
Tue Dec 19 15:56:39 PST 2006 

Charles Sprickman wrote:
> On Tue, 19 Dec 2006, Christopher Hilton wrote:
> 
>> Oliver Fromme wrote:
>>> Dimitry Andric wrote:
>>>  > Oliver Fromme wrote:
>>>  > > What does stuttering mean?  Is it similar to sendmail's
>>>  > > "greet_pause" feature?
>>>  >  > See here:
>>>  > http://www.ualberta.ca/~beck/nycbug06/spamd/mgp00014.html
>>>
>>> OK, so the answer to my question seems to be "yes".  :-)
>>>
>>
>> Actually I'd say it's similar. If you telnet to port 25 on a server 
>> that's using sendmail's greet_pause option I'm assuming that you get 
>> nothing for 5 seconds. OpenSD's Spamd sends the initial greeting at a 
>> rate of one character per second and only accepts data from you at the 
>> same rate.
> 
> It also sets the window size to something like 1 byte. :)

Yes, it does. This results in the remote smtp daemon getting bound up by 
it's own kernel.

> 
> Someone had mentioned that this would consume many threads/processes, 
> but that is not the case.  Bob explained that spamd runs in a select() 
> loop. I don't totally understand that, but to me it sounds like the same 
> methodology that thttpd used, and that sure scaled up nice.
> 

It keeps an array of file descriptors, one for each connection to the 
remote smtp daemon. It periodically uses the select(2) system call to 
see which of the descriptors is ready and services them accordingly.

> Here's what I think is the latest version of Bob's talk.  It's quite good.
> 
> http://www.ualberta.ca/~beck/nycbug06/spamd/
> 
> There's audio available here:
> 
> http://www.nycbsdcon.org/slides

I heard the talk in the beginning of November, right about the middle of 
the big October/November spamming event of '06. To me the most 
interesting part of the talk was when he spoke about the results of 
tarpitting his greylisted connections and how he eliminated 1,300,000 
Mail messages from a total of 3,000,000 before they ever hit his MTA. 
That's the feature that's missing from FreeBSD since the port pulls 
spamd from OpenBSD 3.7 and the tarpitting feature was added in the 
revision right after the release 3.7 tag.

> 
> Was the original question "when will the FreeBSD port be updated"?? :)
> 

Yes. There's lots of ways to do it. One could pull diff from the openbsd 
cvs servers and drop it into the patch directory. That should go cleanly 
but it would be nice to get this revved up to the latest release. I've 
got a copy of the latest code to compile. The call symantics of 
openbsd's openlog_r(3) and syslog_r(3) differ from FreeBSD openlog(3) 
and syslog(3). But It should work. I need to throw some polish on it but 
after I do I'll post the patches here and send them to the port maintainer.

-- Chris

More information about the freebsd-stable mailing list