That's true, but in your example the qmail process was either never
started or closed after the "HELO" command because the RBL filter
prevented a message from being accepted. spamdyke never closes the
connection immediately when a filter is triggered. Instead it closes
qmail and imitates an SMTP server, accepting commands and rejecting them
with an appropriate error message. There are two reasons for this --
first is to capture the information for logging. Second (and more
important) is to return an error message as many times as possible so
the remote user might see it and realize what the problem is. IMHO, the
goal of closing qmail as early as possible (or never starting it at all)
takes priority over skipping the DNS queries.
However, if you feel that strongly about it you can easily change the
order of the filters. The calls to the post-connect filters start in
spamdyke.c, starting on line 2756. The function names should be
self-explanitory; delete any of them you don't want to run immediately.
Then go to line 1396, where you'll find the post-connect filters
repeated. For each one you deleted below, move it out of the if() block
that starts on line 1384. The post-RCPTTO filters start on line 1447.
They should still work if you move them up above line 1429 (above the
if() statement) and leave the if() structures intact below them.
Recompile and copy the binary into place. (There are also some filters
that run after the sender address is given (post-MAILFROM). You can
make those run after the recipient addresses if you'd like. Delete them
starting on line 1325 and reorder them around line 1396.) NOTE: these
changes will break support for configuration directories ("config-dir").
-- Sam Clippinger
On 9/21/10 6:30 AM, Marcin Orlowski wrote:
> On Mon, 20 Sep 2010 15:53:22 -0500, Sam Clippinger<[email protected]>
> wrote:
>
>> Pretty much, yes.
>>
>> The reject-identical-sender-recipient filter can't run until both the
>> sender and recipient have been given, which happens pretty late in the
>> SMTP conversation. RBLs and RDNS entries can be checked as soon as the
>> connection begins. Although the RBL and RDNS filters generate some
>> additional network traffic, spamdyke won't even start the qmail process
>> if they are triggered, which saves server resources (far more than
>> skipping a DNS query or a file search).
>>
> After a thought -> this filter logs sender/receipient:
>
> spamdyke[31613]: DENIED_RBL_MATCH from: [email protected] to:
> [email protected]
>
> and it did not come out of nowhere. If it's here already for logging
> it can be used for reject-identical-sender-recipient first.
>
> Regards,
>
_______________________________________________
spamdyke-users mailing list
[email protected]
http://www.spamdyke.org/mailman/listinfo/spamdyke-users
