Add SMTP HELO/EHLO delay

Need help? Ask here.

Moderator: Moderators

Post Reply
Black20VT
Posts: 134
Joined: Sat Nov 05, 2005 12:35 pm
Location: UK
Contact:

Add SMTP HELO/EHLO delay

Post by Black20VT » Wed Sep 06, 2006 2:36 am

Hi,

Unless I've missed it, is it possible to add an SMTP HELO/EHLO delay?

Thanks,

Chris.

RollerNetSupport
Site Admin
Posts: 850
Joined: Wed Nov 17, 2004 10:05 pm
Location: Nevada
Contact:

Post by RollerNetSupport » Wed Sep 06, 2006 10:23 am

It isn't, but it's something we can look in to. Are you just looking for an option to add a delay in responding to HELO/EHLO, or something more complex?
Technical Support support@rollernet.us
Roller Network LLC

Black20VT
Posts: 134
Joined: Sat Nov 05, 2005 12:35 pm
Location: UK
Contact:

Post by Black20VT » Wed Sep 06, 2006 11:05 am

glendale2x wrote:Are you just looking for an option to add a delay in responding to HELO/EHLO, or something more complex?
Just a simple option to add a delay.

Any idea if this will be easy to implement and if so, when it could possibly be available?

I use it on my primary mail server and find a lot of SPAM bots give up if they don't get an instant response :lol:

Although, Tarpitting will be a 'nice to have' in the future. :wink:

RollerNetSupport
Site Admin
Posts: 850
Joined: Wed Nov 17, 2004 10:05 pm
Location: Nevada
Contact:

Post by RollerNetSupport » Thu Sep 07, 2006 4:01 pm

We do simple simple flood control on a global level, such as when a client sends too many RCPT TO commands that look like a dictionary attack.
Technical Support support@rollernet.us
Roller Network LLC

Black20VT
Posts: 134
Joined: Sat Nov 05, 2005 12:35 pm
Location: UK
Contact:

Post by Black20VT » Fri Sep 08, 2006 12:07 am

glendale2x wrote:We do simple simple flood control on a global level, such as when a client sends too many RCPT TO commands that look like a dictionary attack.
Ah ok, that's perfect then.

Just the delay would be brilliant :wink:

RollerNetSupport
Site Admin
Posts: 850
Joined: Wed Nov 17, 2004 10:05 pm
Location: Nevada
Contact:

Post by RollerNetSupport » Sun Sep 10, 2006 1:06 pm

A configuration option for "HELO/EHLO Response Delay" has been added to the account control center. It can be found under a new "Advanced Options" section in the mail domain settings, which can be accessed by clicking on a domain name in the mail services section.

This feature is not yet active in the filter core, but you can configure the settings now and they will take effect with the next filter core upgrade.
Technical Support support@rollernet.us
Roller Network LLC

Black20VT
Posts: 134
Joined: Sat Nov 05, 2005 12:35 pm
Location: UK
Contact:

Post by Black20VT » Sun Sep 10, 2006 1:40 pm

Superb, thanks glendale2x for looking into that and setting it up so promptly! It's a great feature and will hopefully reduce SPAM to your servers! Any idea when the new filter core upgrade is planned?

Also, any further news on setting up a higher level fake MX record?

RollerNetSupport
Site Admin
Posts: 850
Joined: Wed Nov 17, 2004 10:05 pm
Location: Nevada
Contact:

Post by RollerNetSupport » Sun Sep 10, 2006 3:49 pm

Well, we're still trying to work out a final bug... the problem is that we don't know what filter settings to apply until we get a recipient address, and HELO comes before that. We could proxy buffer incoming connections, but that only works for non-TLS sessions. We can, quite easily, introduce a delay after each (or first only, or make it an option to delay first or all) RCPT TO command, if that's an acceptable substitute.
Technical Support support@rollernet.us
Roller Network LLC

RollerNetSupport
Site Admin
Posts: 850
Joined: Wed Nov 17, 2004 10:05 pm
Location: Nevada
Contact:

Post by RollerNetSupport » Sun Sep 10, 2006 4:46 pm

We currently have this implemented as a RCPT TO delay; I'm not seeing a solution short of introducing a proxy in front of the SMTP session. I'd prefer not to do that since it adds complexity to the system and a failure point.
Technical Support support@rollernet.us
Roller Network LLC

Black20VT
Posts: 134
Joined: Sat Nov 05, 2005 12:35 pm
Location: UK
Contact:

Post by Black20VT » Mon Sep 11, 2006 8:25 am

Hi glendale2x

I've sent you a PM with a mail log showing where my server adds the delay. Don't know if it's of any use, but thought I'd send it over anyway :wink:

Keep me posted :D

RollerNetSupport
Site Admin
Posts: 850
Joined: Wed Nov 17, 2004 10:05 pm
Location: Nevada
Contact:

Post by RollerNetSupport » Fri Sep 15, 2006 9:33 am

Well, we can't do it with the current way our content filter works. We might be able to do it with the Postfix Milter-style interface, but that'll take some work to do. (Postfix 2.3 added milter support; we've been using 2.2 until recently.) We're looking at the Milter interface for other reasons, such as less resource usage, so if it's possible we'll do it.
Technical Support support@rollernet.us
Roller Network LLC

Post Reply