Anthony, Others have asked for some kind of quick-rejection, but the problem is the layout you suggested it rather specific to your installation. I personally would want local network SMTP to be always accepted as well as something for a local account, plus whoever authenticated with SMTP AUTH. Someone else may just be gatewaying to another server and only want incoming mail for recipients and doesn't care who the sender is.
I don't believe it's feasible or practical to create predefined blocks that match various installations, so the front-running idea was to allow matchers to run during the multiple SMTP stages...after HELO, after MAIL FROM, after RCPT TO, and after DATA. If you could add a few matchers in each spot, we could offer much more customization possibilities for the James admin. However, as you can imagine, this quickly becomes complicated and may be too much for what could be accomplished more simply elsewhere, like already said for your case, just blocking the remote IP address at the firewall level is probably the better approach. -- Serge Knystautas Loki Technologies - Unstoppable Websites http://www.lokitech.com/ Anthony Buckton wrote: > Hi Guys, > > A week or two ago, I downloaded James and started getting into things - including >this list, so I apologise if I am covering old ground. > > Over the last few days I have been getting hammered by a pseudo-yahoo user sending >thousands of emails to other @yahoo.com users. > My strategy was to black-hole the emails, yet they still keep coming and my shiny >new DSL link is becoming choked as this guy steps up his operations. > > I would like to respond to the guy to inform him that his efforts are now fruitless, >but the senders address is a fake, all I have is his IP and that doesn't respond to >incoming connections :( > > On checking how other do this, the recommendation what to respond with a "550" >message during the SMTP connection to let the sender know that their mail is rejected >- whilst they're is connected - preferrably as a response to his RCPT command - >before the DATA starts racking up the byte counters at my ISP. The current Mailet >checking and processing architecture doesn't allow this. > > I have been working through the code (I'm checking out Eclipse which shows promise) >and have come up with the following suggestion: > > i) config.xml: Incorporates a tag in the <smtpserver> section, I've named ><LocalRelated> which is a boolean and is responsible for setting a "localRelated" >boolean in the SMTPHandler object. > > > ii) The following code would be executed: > > if(localRelated) > { > MailAddress senderAddress = (MailAddress)state.get(SENDER); > boolean SenderHostIsLocal > = mailServer.isLocalServer(recipientAddress.getHost()); > boolean RcptHostIsLocal > = mailServer.isLocalServer(senderAddress.getHost()); > boolean SenderUserIsLocal > = mailServer.isLocalUser(recipientAddress.getUser()); > boolean RcptUserIsLocal > = mailServer.isLocalUser(senderAddress.getUser()); > > // check if either the send/recv user+domain are local > if(!((SenderHostIsLocal && SenderUserIsLocal) || > (RcptHostIsLocal && RcptUserIsLocal))) { > out.println("550 Cannot forward to that address"); > getLogger().error("Sender " + senderAddress > + " attempted to relay to " + recipientAddress); > return; > } > } > > (This code would be inserted into doRCPT() method of the SMTPHandler object, most >likely AFTER the AUTH checking code.) > > iv) The method "public boolean isLocalUser(String name)" would need to inserted into >the MailServer interface to make the method found in James object accessible by the >SMTPHandler. > > I realise that this may not meed all of the needs of all of the users - but it could >be the start of some useful "fast spam stopping" tools. > > Anthony -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
