Re: SMTP stutter (simulated tar pit) to fight spam

From: Bernhard Reiter (bernhardintevation.de)
Date: Mon Jan 07 2008 - 16:47:48 CST


On Monday 07 January 2008 18:20, mouss wrote:
> > Looking at OpenBSD's spamd and Eggendorfer's publication list, I believe
> > he has compared spamd to his system and they are quite different.
> > (Otherwise, could someone point me to the option to stutter on all
> > incoming SMTP connections with spamd?)

Mouss,
thanks for the pointers.

> http://www.benzedrine.cx/relaydb.html
>
> http://www.openbsd.org/cgi-bin/man.cgi?query=spamd&sektion=8
>
> look at -S and -s options.

I had a brief look at this, but it seems like after stuttering it cannot go to
normal operation, but (temporarily) fails. I will need to take a deeper look
at how to implement the idea to always stutter and afterwards continue at full
speed.

> It's ok if you can do it cheaply (both in terms of performance and in
> terms of "disturbances" of your architecture, and of course, in terms of
> code simplicity since you don't want to audit thousand lines of code and
> libs just for this). a specialized daemon (that does nothing more than
> tarpitting) is the way to go. just make sure not to keep too many
> connections open at a single time (They use resources in your TCP stack).
>
> one issue here is to give the daemon the privilege of updating IP
> filtering rules. This requires careful analysis.

Wietse,
thanks for the pointer to the "pass" service (and postfix in general of
course). I guess that taking over an already running connection might not
work with this service, but I still can take a look at how it is done.

Bernhard

--
Managing Director - Owner: www.intevation.net (Free Software Company)
Germany Coordinator: fsfeurope.org. Coordinator: www.Kolab-Konsortium.com.
Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998
Managing Directors: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
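
An added example, not part of the original message and not code from spamd, Postfix or Eggendorfer's system: a small specialized daemon that stutters the SMTP greeting on every incoming connection, caps how many connections it holds in the slow phase, and then relays the session at full speed. The relay-to-backend approach, the names, the address `127.0.0.1:10025`, the hostname in the banner and the cap of 200 are all assumptions made for illustration.

```python
import asyncio

BANNER = b"220 mx.example.test ESMTP\r\n"  # constructed greeting
BACKEND = ("127.0.0.1", 10025)   # assumption: the real MTA listens here
MAX_SLOW = 200                   # assumption: cap on connections being stuttered
slow = 0                         # connections currently in the slow phase

async def stutter(reader, writer, banner=BANNER, delay=1.0):
    """Send the greeting byte by byte; False if the client hangs up before it is complete."""
    try:
        for i in range(len(banner)):
            writer.write(banner[i:i + 1])
            await writer.drain()
            await asyncio.sleep(delay)
            if reader.at_eof():          # client closed while we were stalling
                return False
    except ConnectionError:              # client reset the connection
        return False
    return True

async def pipe(src, dst):
    """Copy bytes at full speed until src reaches EOF, then close dst."""
    while data := await src.read(65536):
        dst.write(data)
        await dst.drain()
    dst.close()

async def handle(reader, writer, backend=BACKEND, delay=1.0, max_slow=MAX_SLOW):
    global slow
    if slow >= max_slow:                 # bound the TCP state held by slow clients
        writer.write(b"421 too many connections, try again later\r\n")
        await writer.drain()
        writer.close()
        return "busy"
    slow += 1
    try:
        patient = await stutter(reader, writer, delay=delay)
    finally:
        slow -= 1
    if not patient:
        writer.close()
        return "dropped"
    b_reader, b_writer = await asyncio.open_connection(*backend)
    line = await b_reader.readline()     # discard the backend's own greeting,
    while line[3:4] == b"-":             # including a multi-line one; ours was sent
        line = await b_reader.readline()
    await asyncio.gather(pipe(reader, b_writer), pipe(b_reader, writer),
                         return_exceptions=True)
    return "relayed"
```

To serve it, pass `handle` to `asyncio.start_server`. Because the session is relayed, the backend sees the daemon's address rather than the client's, so IP-based checks have to happen in front of it.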
