Sam Somebody write:
> Nope. You cannot receive just the header, send an SMTP rejection, then
> expect the sender to stop sending you the rest of the message, unless you
> drop the socket as well. But, when you do that, the sender is likely to
> get a broken socket error, which gets interpreted as a transient error,
> resulting in the same message being rescheduled for another delivery
> attempt later on.
What I'd really like to do is, when this happens, instead of dropping the
socket (just yet), inject a temporary filter in the firewall, for about
an hour, that blocks that remote IP:port from getting any packets back
from this host IP:25 (as well as from the remote). Then block the socket.
That will leave a process running on the remote machine, and perhaps help
overload it. On the local end you only have a FIN_WAIT sitting around for
a few minutes.
--
Phil Howard | [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
phil | [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
at | [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
ipal | [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
dot | [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
net | [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED]
