|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Feature Suggestion: Tar-Pit flag in Postfix 2.1 proxy
From: Orlando Andico (orly
mozcom.com)
Date: Mon Feb 02 2004 - 21:26:42 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Mon, 2 Feb 2004, Michael Tokarev wrote:
..
> >>Besides, knowing your previous experience, I seriously doubt the above
> >>is true.
>
> What did you mean?
i didn't write that. maybe he meant avcheck. :)
..
> The process that listens the network and handles connections from "bad"
> guys does not handle "good" sessions: it *spawns* new SMTPD, it does
> no proxy-connection. So the whole thing is completely transparent for
> "good" sessions.
aahh ok. i see.
..
> And no, I don't want to share the code now. The main reason is
> that it is not correct. It uses local DNS blocklist to descide
> whenever to tarpit the connection or to pass it to real smtpd.
> And the problem is that the DNS query is NOT asyncronious, it is
> done using gethostbyname(). It's ok for locally-running nameserver
got it. i was thinking much the same thing last night.
---
Orlando Andico <orlymozcom.com>
Mosaic Communications, Inc.
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]