diff options
author | Bob Beck <beck@cvs.openbsd.org> | 2005-04-14 16:07:53 +0000 |
---|---|---|
committer | Bob Beck <beck@cvs.openbsd.org> | 2005-04-14 16:07:53 +0000 |
commit | 19761f1bf0a8834e1dd41c742b2b9ab1e29a6e95 (patch) | |
tree | b69afbfbfad48071a2e2f4fbb7b75577c63e3434 /libexec/spamd | |
parent | 97150a907af5da45347122ab22d5411d30b7b3b8 (diff) |
Make spamd stutter at greylisted connections for a short period before talking
full speed. By default do this for 10 seconds. Many spammers disconnect by
then. Adds -S option to select the amount of time greylisted connections
will be stuttered at.
feedback from jmc@, deraadt@, ok deraadt@
Diffstat (limited to 'libexec/spamd')
-rw-r--r-- | libexec/spamd/spamd.8 | 7 | ||||
-rw-r--r-- | libexec/spamd/spamd.c | 19 |
2 files changed, 22 insertions, 4 deletions
diff --git a/libexec/spamd/spamd.8 b/libexec/spamd/spamd.8 index 6f4191b7ae4..9248d2ff438 100644 --- a/libexec/spamd/spamd.8 +++ b/libexec/spamd/spamd.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: spamd.8,v 1.53 2005/03/11 23:09:53 beck Exp $ +.\" $OpenBSD: spamd.8,v 1.54 2005/04/14 16:07:52 beck Exp $ .\" .\" Copyright (c) 2002 Theo de Raadt. All rights reserved. .\" @@ -39,6 +39,7 @@ .Op Fl n Ar name .Op Fl p Ar port .Op Fl r Ar reply +.Op Fl S Ar secs .Op Fl s Ar secs .Op Fl w Ar window .Ek @@ -108,6 +109,10 @@ using .It Fl r Ar reply The SMTP error to return to the spammer, i.e. 450, 451, 550. This defaults to 450. +.It Fl S Ar secs +Stutter at greylisted connections for the specified amount +of seconds, after which the connection is not stuttered at. +Defaults to 10. .It Fl s Ar secs Delay each character sent to the client by the specified amount of seconds. diff --git a/libexec/spamd/spamd.c b/libexec/spamd/spamd.c index 52a73bac2e9..5f91854e045 100644 --- a/libexec/spamd/spamd.c +++ b/libexec/spamd/spamd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: spamd.c,v 1.75 2005/03/11 23:09:53 beck Exp $ */ +/* $OpenBSD: spamd.c,v 1.76 2005/04/14 16:07:52 beck Exp $ */ /* * Copyright (c) 2002 Theo de Raadt. All rights reserved. @@ -132,6 +132,7 @@ int blackcount; int clients; int debug; int greylist; +int grey_stutter = 10; int verbose; int stutter = 1; int window; @@ -145,7 +146,7 @@ usage(void) fprintf(stderr, " [-G mins:hours:hours] [-n name] [-p port]\n"); fprintf(stderr, - " [-r reply] [-s secs] [-w window]\n"); + " [-r reply] [-S secs] [-s secs] [-w window]\n"); exit(1); } @@ -578,7 +579,7 @@ initcon(struct con *cp, int fd, struct sockaddr *sa) cp->af = sa->sa_family; cp->ia = &((struct sockaddr_in *)sa)->sin_addr; cp->blacklists = sdl_lookup(blacklists, cp->af, cp->ia); - cp->stutter = (greylist && cp->blacklists == NULL) ? 0 : stutter; + cp->stutter = (greylist && !grey_stutter && cp->blacklists == NULL) ? 0 : stutter; error = getnameinfo(sa, sa->sa_len, cp->addr, sizeof(cp->addr), NULL, 0, NI_NUMERICHOST); if (error) @@ -887,6 +888,11 @@ handlew(struct con *cp, int one) { int n; + /* kill stutter on greylisted connections after initial delay */ + if (cp->stutter && greylist && cp->blacklists == NULL && + (t - cp->s) > grey_stutter) + cp->stutter=0; + if (cp->w) { if (*cp->op == '\n' && !cp->sr) { /* insert \r before \n */ @@ -937,6 +943,7 @@ main(int argc, char *argv[]) struct servent *ent; struct rlimit rlp; char *bind_address = NULL; + const char *errstr; tzset(); openlog_r("spamd", LOG_PID | LOG_NDELAY, LOG_DAEMON, &sdata); @@ -1002,6 +1009,12 @@ main(int argc, char *argv[]) usage(); stutter = i; break; + case 'S': + i = strtonum(optarg, 0, 90, &errstr); + if (errstr) + usage(); + grey_stutter = i; + break; case 'n': spamd = optarg; break; |