13 sendmail to combat slamming. You
use the FEATURE(greet_pause) like this:
FEATURE(`greet_pause??, `ms_pause??)
The FEATURE(greet_pause) takes a single argument, an integer representation of the
number of milliseconds to wait before sendmail may send its initial greeting. The ms_
pause sets the default wait (we cover this shortly). If ms_pause is missing, no default is
set. If ms_pause is greater than five minutes, the wait is silently truncated to five
minutes.??
If sendmail detects input from the client during this wait, that input is interpreted as
an indication of slamming. If slamming is detected, the following rejection (instead
of the initial greeting shown earlier) will be issued to the client:
554 server_host_name not accepting messages
Whenever a slamming site is rejected like this, the following is logged with syslog(3):
rejecting commands from host [ip_addr] due to pre-greeting traffic
?†? V8.13 and earlier
rejecting commands from host [ip_addr] after secs seconds due to pre-greeting traffic
?†? V8.14
Beginning withV8.14, this FEATURE(greet_pause) will not log anything if the connecting
client disconnects on its own because of the wait.
* Hijacking worms, loaded into unsuspecting PCs, are often used as proxies to perform just this sort of rapid
spam email attack.
?? RFC2821 defines five minutes as the maximum timeout for the 220 greeting.
Pages:
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544