[Mimedefang] Reject pre greeting traffic with mimedefang?
Michiel Brandenburg
apex at xepa.nl
Mon Jan 14 10:47:36 EST 2013
Hi Franz,
> I'd be happy to hear about more details... :-)
Just to clarify .. the greet pause option when controlled from
mimedefang will let you control ONLY the greet pause option at the time
that sendmail usually uses it. It's not possible to delay at any other
point in the SMTP flow using this method.
But you can do funky fuzzy like settings not supported by default.
My try at a small howto. This is also an abbreviated example and might
not even work, usual disclaimer in place as it might skin your cat :)
Start mimedefang with the "-N inet:11111 at 127.0.0.1" option (among them
others)
I specifically connect to the ipv4 version of localhost as I can
remember that there was some issue with that some time back not sure if
it was sendmail or resolver related.
in Sendmail.mc (postfix ur on ur own :)
FEATURE(`access_db',`socket -T<TMPF> inet:11111 at localhost')dnl
In mimedefang-filter
create a function like the one below
sub filter_map {
my ($mapname, $tmp) = @_;
if ($mapname eq 'access') {
my ($action, $client) = split(':', $tmp);
if ($action eq 'greetpause') {
if (clientIsNice($client)) {
return ("OK", 0);
}
if (clientIsEvil($client)) {
return ("OK", 15);
}
return ("NOTFOUND", "");
}
}
return ("NOTFOUND", "");
}
The "OK" signifies that this milter knows the answer and the answer is
returned in seconds to delay. The NOTFOUND MUST (2nd argument is
ignored) be returned or sendmail ends up waiting for timeouts etc .. at
least it did last time I checked. Sending not found will also allow the
setting in sendmail.mc (FEATURE(`greet_pause', `1000')dnl 1 seconds) to
have some effect :)
Note socket map is pretty picky about what can be sent, so your mileage
may vary.
Hope it helps
--
Michiel Brandenburg
More information about the MIMEDefang
mailing list