abort when client disconnects

From: Kouhei Sutou (kouclear-code.com)
Date: Sat Jun 27 2009 - 22:33:03 CDT


Hi,

I want smtpd to abort a connection for an SMTP client as soon
as possible when the client disconnects the connection
before smtpd returns a response.

Current:
  client            smtpd
    connect ->
             ...
    command ->
                  <- response
             ...
    command ->
                     processing...
    disconnect ->
                     processing...
                  <- response
       **detect disconnected**

Expect:
  client            smtpd
    connect ->
             ...
    command ->
                  <- response
             ...
    command ->
                     processing...
    disconnect ->
       **detect disconnected**
                     abort the current process

Benefit: System resources used by smtpd are reduced.

Background:

Tarpitting is an effective anti-spam technique for some
spammers. The following figure shows that about 20% of spammers
can be protected by 65s tarpitting:

  http://f.hatena.ne.jp/images/fotolife/s/stealthinu/20070705/20070705142716.png

I want to use tarpitting ONLY IF the connected SMTP client is
very spammy because tarpitting may cause DoS. And I want to
reduce the system resource usage caused by tarpitting.

Tarpitting can be done with the SLEEP action in access(5), a
policy server, or sleep(3) in a milter. All of them sleep for
the specified number of seconds even if the connected SMTP
client disconnects.

There is a patch for the SLEEP action in access(5) and policy
server cases:
  http://k2net.hakuba.jp/pub/postfix-sleep.patch

# It can be applied to Postfix 2.6.x.

But there is no patch for the milter case.

Is there a plan to provide an 'abort as soon as possible when
client disconnects' feature?
Or should I not use tarpitting with Postfix?

Or should I place other software (e.g. spamd) in front of
Postfix? (I hope that all of my mail system is built with
Postfix-based technologies so that it is easy to maintain.)

Thanks,
--
kou
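
The "Expect" flow above, as an added example that is not part of the original post and is not Postfix code: a tarpit delay that watches the client socket instead of calling sleep(3) blindly. The helper name tarpit_wait, its return codes, and the socketpair standing in for the SMTP connection are assumptions; it has to run in the process that owns the client socket.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <poll.h>
#include <sys/socket.h>
#include <time.h>
#include <unistd.h>

enum { TARPIT_ERROR = -1, TARPIT_ELAPSED = 0, TARPIT_DISCONNECTED = 1 };

static long ms_since(const struct timespec *t0) {
    struct timespec now;
    clock_gettime(CLOCK_MONOTONIC, &now);
    return (now.tv_sec - t0->tv_sec) * 1000L + (now.tv_nsec - t0->tv_nsec) / 1000000L;
}

/* Hypothetical helper: hold the client for delay_ms, return early if it hangs up. */
int tarpit_wait(int fd, long delay_ms) {
    struct timespec t0;
    clock_gettime(CLOCK_MONOTONIC, &t0);
    for (;;) {
        long left = delay_ms - ms_since(&t0);
        if (left <= 0) return TARPIT_ELAPSED;
        struct pollfd p = { .fd = fd, .events = POLLIN };
        int n = poll(&p, 1, (int)left);
        if (n == 0) return TARPIT_ELAPSED;               /* full delay served */
        if (n < 0 && errno == EINTR) continue;           /* signal: recompute and retry */
        if (n < 0 || (p.revents & POLLNVAL)) return TARPIT_ERROR;
        if (p.revents & (POLLERR | POLLHUP)) return TARPIT_DISCONNECTED;
        char c;
        ssize_t r = recv(fd, &c, 1, MSG_PEEK | MSG_DONTWAIT);
        if (r == 0) return TARPIT_DISCONNECTED;          /* orderly close: EOF */
        if (r < 0 && (errno == EAGAIN || errno == EWOULDBLOCK || errno == EINTR)) continue;
        if (r < 0) return TARPIT_DISCONNECTED;           /* e.g. ECONNRESET */
        /* Unread (pipelined) data keeps POLLIN set, so poll() cannot signal EOF
           any more; wait out the remainder without spinning. */
        left = delay_ms - ms_since(&t0);
        if (left > 0) {
            struct timespec ts = { left / 1000, (left % 1000) * 1000000L };
            while (nanosleep(&ts, &ts) == -1 && errno == EINTR) { }
        }
        return TARPIT_ELAPSED;
    }
}

int main(void) {
    int sv[2];                     /* constructed stand-in for the SMTP connection */
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0) return 1;
    close(sv[1]);                  /* "client" disconnects before the delay ends */
    return tarpit_wait(sv[0], 5000) == TARPIT_DISCONNECTED ? 0 : 1;
}
```

A client that only half-closes its sending side is also reported as disconnected, because the check is EOF on read.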