Thanks Sam for your answer,
anyway it is crucial for us to avoid letting the timeout expire after
"RCTP TO" message in case of RBL check. So, even developing a custom
patch, we need something to prevent clients keeping the connection open
after "554 Refused. Your IP address is listed in the RBL at..." message.
We tried adding a simple exit(0) around line 1695 of filter.c just to
test the behavior but doing that the client is not able to connect anymore.
Can you suggest a (even dirty) way to workaround it or point me to the
proper direction to investigate it further?
This is an extract of the handshake message at the end of which we need
to close the communication
220 popmx-staging.cloud.net ESMTP
helo example.com
250 popmx-staging.cloud.net
MAIL FROM: exam...@example.com
250 Refused. Your IP address is listed in the RBL at cidr.bl
RCPT TO: t...@test.com
554 Refused. Your IP address is listed in the RBL at cidr.bl
<---- we need to close the connection in this moment (when we receive
554 Refused) instead of waiting for DATA and then waiting the default
timeout.
Thanks for your time.
Alessio Cecchi
Il 19/03/2017 20:05, Sam Clippinger via spamdyke-users ha scritto:
Unfortunately no, spamdyke isn't designed with the idea of different
timeouts for different reasons. It will always keep the connection
open as long as there is any chance the message could be allowed. For
example, if your configuration includes a recipient whitelist and the
remote IP is blacklisted, spamdyke won't close the connection until
the recipients are given, just in case one of them is on the
whitelist. Even when it's no longer possible to match a whitelist,
spamdyke still won't close the connection because the remote client
could sent a RSET command and begin a new session.
Your only option is to set a lower idle timeout, anything else would
require a major refactoring of spamdyke's code. Sorry!
-- Sam Clippinger
On Mar 10, 2017, at 4:11 AM, Alessio Cecchi via spamdyke-users
<spamdyke-users@spamdyke.org <mailto:spamdyke-users@spamdyke.org>> wrote:
Hi,
some months ago we switch from rblsmtpd to spamdyke in order to have
more info in the log about blocked IP. But after switch to spamdyke
the number of concurrency incoming SMTP sessions was increased about
10 time.
This because with rblsmtpd we set a timeout of 10 seconds and
spamdyke have a global timeout that we set at 180 seconds
(idle-timeout-secs). So when an IP in blacklist connects to our MX it
grabs a qmail-smtpd process for 180 seconds instead of 10.
Increasing the number of /var/qmail/control/concurrencyincoming is
not a solution because we expose our cluster to receive a number of
sessions that we could be unable to manage.
Can spamdyke close a connections with IP in blacklist after a time
shorter than idle-timeout-secs?
Here an example of timeout:
with spamdyke
$ time telnet mx01.mail.net <http://mx01.mail.net> 25
Trying 192.168.1.135...
Connected to mx01.mail.net <http://mx01.mail.net>.
Escape character is '^]'.
220 mx01.mail.net <http://mx01.mail.net> ESMTP
helo ciao.com <http://ciao.com>
250 mx01.mail.net <http://mx01.mail.net>
MAIL FROM: ales...@ciao.it <mailto:ales...@ciao.it>
250 Refused. Your IP address is listed in the RBL at www.spamhaus.org
<http://www.spamhaus.org>:
http://www.spamhaus.org/query/bl?ip=19.9.131.86
RCPT TO: ales...@ciao.com <mailto:ales...@ciao.com>
554 Refused. Your IP address is listed in the RBL at www.spamhaus.org
<http://www.spamhaus.org>:
http://www.spamhaus.org/query/bl?ip=19.9.131.86
[ here we should close the connection ]
DATA
554 Refused. Your IP address is listed in the RBL at www.spamhaus.org
<http://www.spamhaus.org>:
http://www.spamhaus.org/query/bl?ip=19.9.131.86
421 Timeout. Talk faster next time.
Connection closed by foreign host.
real 3m46.105s
user 0m0.000s
sys 0m0.000s
with rblsmtpd:
$ time telnet mx01.mail.net <http://mx01.mail.net> 25
Trying 192.168.1.135...
Connected to mx01.mail.net <http://mx01.mail.net>.
Escape character is '^]'.
220 rblsmtpd.local
Connection closed by foreign host.
real 0m10.389s
user 0m0.000s
sys 0m0.000s
Thanks
--
Alessio Cecchi
Postmaster @ http://www.qboxmail.it
https://www.linkedin.com/in/alessice
_______________________________________________
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users
_______________________________________________
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users
--
Alessio Cecchi
Postmaster @ http://www.qboxmail.it
https://www.linkedin.com/in/alessice
_______________________________________________
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users