Re: good questions :)

rosenfieldusers.sourceforge.net
Date: Mon Nov 05 2007 - 04:46:15 CST


mouss writes:
> if you search the archives, you'll find a post by $self where "sleep 1"
> is replaced by "warn_if_reject reject_rbl_client ..." calls.
>
> After Viktor's reply, I installed this for a short period of time,
> and it did not catch anything.

Well, it's not exactly the same. In your case, no complexity was added
to the HELO as far as I can tell (aside from the delay). The general
idea of this thread was to (optionally) turn the HELO into a multiline
thing (perhaps already possible with \n or something?), and add a new
sleep option which introduces a short delay before the last line of a
multi-line string (given by the next command in chain) is printed.

The sleep (or similar simple delay) can be overcome by a spammer by
doing something akin to a blocking readline(), while the above would
force a spammer to parse the SMTP responses much more thoroughly.

>>> You also need to apply this selectively, ...
>>
>> Why?
>
> because my MTA has other things to do than wait for yours to wake up!
> In short, that will consume resources of legitimate sites (unlike
> spammers, we do not have infinite resources).

A 1 second delay is nothing: the only resource your MTA is wasting is
an open TCP session, and TCP sessions tend to linger on for several
minutes after your MTA has initiated their closure - they go into the
TIME_WAIT state, which by default lasts something like 240 seconds.
By comparison, 1 second is nothing.

(I imagine here that your MTA is multi-threaded so it doesn't clog up
the whole to-be-sent pipeline whenever a single remote MTA sends it
into a tarpit or what not.)
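
The multi-line HELO reply with a delay before its last line, as described in the message above, sketched as an added example (not part of the original post and not Postfix code). It shows why a single blocking readline() is not enough and how a server can tell that a client spoke before the final line. The function names, host name and timeline are constructed for illustration; the reply-line format follows RFC 5321.

```python
import re

# RFC 5321 reply line: 3-digit code, then "-" (more lines follow) or
# " " / nothing (this is the last line of the reply).
REPLY_LINE = re.compile(r"^(\d{3})(?:([ -])(.*))?$")

def parse_reply(lines):
    """Return (code, texts, complete) for the reply lines seen so far."""
    code, texts = None, []
    for raw in lines:
        m = REPLY_LINE.match(raw.rstrip("\r\n"))
        if m is None:
            raise ValueError("malformed reply line: %r" % raw)
        if code is not None and m.group(1) != code:
            raise ValueError("reply code changed inside one reply")
        code = m.group(1)
        texts.append(m.group(3) or "")
        if m.group(2) != "-":          # separator is SP or absent: final line
            return code, texts, True
    return code, texts, False           # still waiting for the final line

def naive_client_proceeds(lines):
    """A client doing one blocking readline(): any 2xx line means 'go on'."""
    return bool(lines) and lines[0].startswith("2")

def spoke_before_final_line(sent, client_cmd_at):
    """sent: [(send_time, line)] in order; True if the client's next command
    arrived before the server had sent the final line of its reply."""
    seen = []
    for send_time, line in sent:
        seen.append(line)
        if parse_reply(seen)[2]:
            return client_cmd_at < send_time
    raise ValueError("server never sent a final reply line")

# Constructed timeline: HELO reply split in two, 1 second before the last line.
SENT = [(0.0, "250-mx.example.test\r\n"), (1.0, "250 hello\r\n")]

if __name__ == "__main__":
    first = [SENT[0][1]]
    print("naive client proceeds after line 1:", naive_client_proceeds(first))
    print("reply actually complete after line 1:", parse_reply(first)[2])
    for name, at in (("client A", 0.05), ("client B", 1.02)):
        print(name, "spoke early:", spoke_before_final_line(SENT, at))
```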