Diary of a geek

December 2023
Mon Tue Wed Thu Fri Sat Sun
        1 2 3
4 5 6 7 8 9 10
11 12 13 14 15 16 17
18 19 20 21 22 23 24
25 26 27 28 29 30 31

Andrew Pollock


Other people's blogs


RSS feed

Contact me

JavaScript required

Wednesday, 27 July 2005

Sendmail 8.13's s3kr1t new GREET_PAUSE feature

In endeavouring to catch up with my debian-devel backlog yesterday, I discovered that Sendmail 8.13 has a new feature whereby it can be configured to hold off on issuing the 220 response for a brief delay. Any hosts that connect and immediately try to ram an SMTP conversation down it's throat get summarily told to naff off with a 554 response because they are violating the relevant RFC.

So I thought I'd turn said feature on yesterday to see what happened. It's certainly generating some hits in the logs. I've just done a spot of analysis, and of the 28 unique IPs that were knocked back, 16 of them were in the dul.dnsbl.sorbs.net blocklist, which I already use to knock back some spam. Of the remainder that resolved (2 didn't), they all looked a bit dynamic from their hostnames. The one that stood out was nproxy.gmail.com. I did do some tests from GMail as soon as I enabled the feature yesterday, and all tests have worked fine, but I've taken the precaution of (hopefully correctly) whitelisting all of GMail's IP addresses.

Biggest problem is the lack of documentation, specifically in relation to whitelisting. I'm not sure if you have the same sort of flexibility that you usually have for specifying hosts. The Sendmail documentation only mentions how to turn on the feature, and the Sendmail website doesn't even mention that much.

Anyway, I guess time will tell if it's helping any more than just using the DNS blacklists I am already using. If you're adversely affected, don't err, email me and let me know...

[19:02] [tech/spam] [permalink]