Greetdelay for qmail
- Download here
- Author of the patch: John Simpson (?)
I replaced the original greetdelay by Erwin Hoffmann with the patch by John Simpson. Now communications trying to send commands before the greeting will be closed provided that you declare DROP_PRE_GREET; premature disconnections will be logged as well.This is the log line you will get:
@4000000052aee4ae26356134 GREETDELAY from 220.127.116.11: client disconnected
or, in case of pre-greeting data sending:
@4000000052ad37301366f11c GREETDELAY from 18.104.22.168: client sent data before greeting
To enable a delay of 15 seconds before qmail-smtpd modify your run files as follows (both qmail-smtpd/run and qmail-submission/run):
export SMTPD_GREETDELAY=15 export DROP_PRE_GREET=1
The latter line enables the dropping of clients sending commands before our greeting.
Greetdelay at rblsmtpd level (old)
I'm leaving intact this paragraph just in case you decided to use the greetdelay at the rblsmtpd level, as it was before in my guide. Of course, in case you decided to use the greetdelay functionality included in the qmail-smtpd program, you can skip this section.
- Info: http://www.fehcom.de/qmail/qmail.html##greetdelay
- Author of the patches: Erwin Hoffmann
Both qmail and rblsmtpd are already patched for GREETDELAY. This means that a potential attacker will be discouraged, since he has to wait GREETDELAY seconds before the communication starts because our services on ports 25 and 587 are sleeping during that period of time. Therefore, quoting Dr. E. Hoffmann,
the GREETDELAY will not only save you for spam mails, but unlike Greylisting and/or filtering a la SpamAssassin, this is the only mean to really reduce the overall amount of spam because the timeslot required for the spam sender to deliver messages (whether successfully or unsuccessfully) is raised from typically one second to (<=) GREETDELAY seconds.
f course there is no need to delay both rblsmtpd and qmail-smtpd. If you are using rblsmtpd it's better to turn off the GREETDELAY related to qmail-smtpd. To accomplish this, I have slightly modified the qmail-smtpd's GREETDELAY patch renaming its GREETDELAY environment variable to SMTPD_GREETDELAY so that you can set the two variables indipendently acting on qmail-smtpd (and/or qmail-submission). An example follows.
This will enable a delay of 15 seconds before rblsmtpd and turns off the delay before qmail-smtpd:
export SMTPD_GREETDELAY=0 export GREETDELAY=15
This enables a delay of 15 seconds before qmail-smtpd and should be used when rblsmtpd is not active: