[SA-exim] Teergrubing (stalling SMTP sessions )
Robert Strickler
Robert.Strickler at us.net56.net
Sat, 13 Jul 2002 14:35:59 -0500
I called this kind of delay introduction a "spambump", like speedbumps used
to slow you down in a parking lot. It does not surprise me that someone else
has already though of it.
I'm pretty ignorant of the Exim and SA internals, sorry correct me if I am
wrong.
However, couldn't we automatically send a continuation instead of "250 Mail
accepted" when the "." line is received?
When determined to be "not SPAM" send the OK, otherwise keep them on the
hook for X minutes before sending the reject message.
For production use, code would probably need adjustable maximum connection
times and adjustable maximum simultaneous thread or maybe something like
sendmail's load based processing deferral. Taken to a useful, robust
implementation is certainly not an afternoons worth of coding. But I think
the idea has a great deal of merit.
-----Original Message-----
From: Marc MERLIN [mailto:marc@merlins.org]
Sent: Saturday, July 13, 2002 2:04 PM
To: Robert Strickler
Cc: 'sa-exim@lists.merlins.org'
Subject: Re: [SA-exim] Teergrubing (stalling SMTP sessions )
On Sat, Jul 13, 2002 at 01:56:01PM -0500, Robert Strickler wrote:
> http://www.iks-jena.de/mitarb/lutz/usenet/teergrube.en.html
>
> This looks like a better approach than currently implemented.
>
> In addition to the per-line delay discussed, a smaller(?)
> per/character delay could be used. You might even feed them Project
> Gutenberg public domain works like the entire text of "The Count of
> Monte Cristo" (maybe even in the original French?), or "War an Peace"
> in the original Russian in an effort to educate the schmucks.
It won't really work in our case: we only know that the message is SPAM at
the end of the SMTP session, so it's too late to slow the sender down,
except by not returning OK and optionally returning DEFER very late.
Marc
--
"A mouse is a device used to point at the xterm you want to type in" -
A.S.R. Microsoft is to operating systems & security ....
.... what McDonalds is to gourmet
cooking
Home page: http://marc.merlins.org/ | Finger marc_f@merlins.org for PGP
key