| Age | Commit message (Collapse) | Author |
|---|
|
always skipping the last address. ok beck@
|
|
closing the connection while we're trying to write to it
|
|
|
|
full speed. By default do this for 10 seconds. Many spammers disconnect by
then. Adds -S option to select the amount of time greylisted connections
will be stuttered at.
feedback from jmc@, deraadt@, ok deraadt@
|
|
a list of spamtrap destination addresses in the spamd database. When
a spamtrap address gets an attempted greylist delivery, blacklist the
offending host for a day. Does not affect hosts already whitelisted.
ok deraadt@, jmc@, dhartmei@ to get it in so it can be whacked on
|
|
- Implement RSET in spamd - some virus scanning products (notably symantec's
viruswall) spew a RSET into the smtp stream before every attempted delivery.
(noticed by reitenba@fh-brandenburg.de and some others). This ensures
such things can successfully talk to a spamd greylister.
ok millert@ henning@
|
|
people on misc, and some observations by Evan harris on the greylisting
mailing list that a number of clustered mailers like aol behave better
(and retry from the same IP) when they see a 451, but do not when
they see a 450 (traditionally used for mailbox lock failure)
450 was the original for spamd, as the default for the tarpit is to
encourage quick retries to punish blacklisted smtp servers more. This
got carried over to the greylisting implementation, and isnt' really
optimal for that case.
ok millert@, henning@, todd@
|
|
ok henning@
|
|
|
|
|
|
|
|
sys/types.h after sys/param.h
|
|
|
|
with -v, you get From/To/Subject at LOG_INFO, and the first ten body
lines at LOG_DEBUG. ok beck@
|
|
so separate lines before logging headers/body. doesn't make logging
more verbose, just fixes the case where chunks contain multiple lines.
ok beck@
|
|
would get messed up when the blacklist limit was hit.
tested by danh@ and me
ok cedric@
|
|
|
|
connections to something less than maxcon when greylisting. This ensures
you don't completely run out of connections tarpitting spammers, and not
allow real mail through.
ok dhartmei@ millert@
|
|
connection. This ensures that greylisted connections are not delayed
by a small windows size, but blacklisted connections still have to
send the body through a tiny window, and presumably the body is
the vast majority of what is being sent anyway.
ok dhartmei@ millert@
|
|
kill all three processes to make it go away. Adjust daemon() call and
logging appropriately.
ok henning@, millert@
|
|
ok millert@ dhartmei@
|
|
found by yongari@kt-is.co.kr
ok dhartmei@, millert@
|
|
yongari@kt-is.co.kr
ok deraadt@
|
|
yongari@kt-is.co.kr
ok deraadt@
|
|
to avoid keeping multiple grey entries around from a single host for
extra time.
- make -G work
- paranoia and cleanup suggestions from deraadt@
ok millert@
|
|
|
|
originates from a paper by Evan Harris which can be found at
http://projects.puremagic.com/greylisting/. This implementation makes
spamd allow for non-blacklisted addresses to be treated as "greylisted".
where they are tracked in a db file, and whitelisted by addition to a
pf table when the same envelope from and to are retried from the same
source IP address. Testing by many, ok deraadt@
|
|
|
|
|
|
and blacklist matches. Add -v (verbose) flag to allow other detailed
logging (subject, body, smtp dialogue, etc.) when it's needed.
ok dhartmei@ -> ok deraadt@
|
|
2) Allow multiple RCPT's
ok mpech@, helpful stress testing by Chris Nadovich <chris@jtan.com>
|
|
|
|
ok deraadt@
|
|
|
|
|
|
|
|
beck@ ok, deraadt@ ok an earlier version
|
|
|
|
default. in reponse to pr3435. ok beck deraadt dhartmei
|
|
|
|
|
|
(causing a small TCP window size, tying up sender's resources), additional
states: keep connection until ten body lines have been received, improved
logging through syslog (envelope from/to, From:/To:/Subject: in header,
first lines of body) at various levels. ok deraadt@
|
|
|
|
|
|
|
|
ok tedu@
|
|
tedu,
ok tedu@
|
|
|
|
|
|
ok millert@ deraadt@
|
