OpenBSD's spamd.
Mark Andrews
Mark_Andrews at isc.org
Tue Dec 19 17:43:09 PST 2006
> On Tue, Dec 19, 2006 at 11:37:26AM -0500, Christopher Hilton wrote:
> > Oliver Fromme wrote:
> > >Dimitry Andric wrote:
> > > > Oliver Fromme wrote:
> > > > > What does stuttering mean? Is it similar to sendmail's
> > > > > "greet_pause" feature?
> > > >
> > > > See here:
> > > > http://www.ualberta.ca/~beck/nycbug06/spamd/mgp00014.html
> > >
> > >OK, so the answer to my question seems to be "yes". :-)
> > >
> >
> > Actually I'd say it's similar. If you telnet to port 25 on a server
> > that's using sendmail's greet_pause option I'm assuming that you get
> > nothing for 5 seconds. OpenSD's Spamd sends the initial greeting at a
> > rate of one character per second and only accepts data from you at the
> > same rate.
> >
> > Through experimentation Bob Beck determined that many spammers were
> > dropping the connection and forgetting about delivering the mail
> > completely after short and shorter intervals if the connection was rate
> > limited to 1 character / sec. When the spammers got down to 3 seconds he
> > modified spamd to stutter for 10 seconds on any connection. That feature
> > came in on OpenBSD 3.8
>
> The exim MTA has this comment relating to the SMTP banner
>
> /* It seems that CC:Mail is braindead, and assumes that the greeting message
> is all contained in a single IP packet. The original code wrote out the
> greeting using several calls to fprint/fputc, and on busy servers this could
> cause it to be split over more than one packet - which caused CC:Mail to fall
> over when it got the second part of the greeting after sending its first
> command. Sigh. To try to avoid this, build the complete greeting message
> first, and output it in one fell swoop. This gives a better chance of it
> ending up as a single packet. */
>
> I'm wondering how many CC:Mail servers are still out there and if they're
> still broken in this regard. That could leave the "stutter" with false
> positives....
Broken software is broken software. You can't work around all
the bugs in all the broken pieces of software.
> _______________________________________________
> freebsd-stable at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> To unsubscribe, send any mail to "freebsd-stable-unsubscribe at freebsd.org"
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: Mark_Andrews at isc.org
More information about the freebsd-stable
mailing list