||POP-Before-SMTP Anti-Spam Configuration
The demise of big "spamhaus" operations like Cyber Promo has
caused the spamming community to resort to "hit-and-run" spamming
through open SMTP relays. This malicious technique is advantageous
to spammers since a single spam can be sent from a throwaway
dialup account and then be exploded out to 50 or more e-mail
addresses by a fast and open SMTP server.
all Virtual Servers are closed to SMTP relaying. This Solution
to the Internet Spam Problem is implemented by the
"POP-before-SMTP" anti-spam configuration, which is specifically
designed to prevent SMTP relaying by spammers. All Virtual
Servers created since March 1, 1998 include this configuration.
||How It Works
Every time someone successfully enters a correct username
and password to your Virtual Server POP or IMAP server (i.e.
checks an e-mail account that is configured on your Virtual
Server), the server records the IP address of the remote client.
The IP address and a timestamp are stored in the ~/etc/relayers.db
database file. The database serves as a list of IP addresses
that are allowed to perform an SMTP relay. A simple rule set
in the "check_rcpt" section of the ~/etc/sendmail.cf
file causes sendmail to refuse to relay e-mail from
any IP address that is not listed in the ~/etc/relayers.db
database file. You will need to add this Rule
Set if it is missing from your ~/etc/sendmail.cf
Even though the POP and IMAP authentication will automatically
cause an IP address to be added to the ~/etc/relayers.db
file, you may on occasion want to manually add or clean the
database yourself. To do this we have created a utility program
named vsmtprelay that allows you to add, delete, expire,
or list IP addresses in the ~/etc/relayers.db file.
vsmtprelay 1.1.0 usage (optional items in ):
% vsmtprelay command [arg] [...]
where "command [arg] [...]" can be one of the following:
"add ip [ticks]" insert address with current timestamp (or ticks)
"delete ip [...]" remove specified address(es)
"expire [n]" expire all old (or older than n minutes) entries
"list [n]" list all old (or older than n minutes) entries
"dump" list every entry, including the future timestamped
IP addresses are expressed as ASCII "dotted quads", e.g. "10.11.12.13".
All timestamps are stored as ASCII strings representing a count of seconds
elapsed since 0 hours, 0 minutes, 0 seconds, January 1, 1970, Coordinated
Universal Time (the common UNIX epoch).
database is implemented as a "Berkeley DB hash file" with
IP addresses as keys and timestamps as the data (all as ASCII
strings). The vsmtprelay list output is intentionally
produced in a form that can be edited manually and rebuilt
by makemap(8) if desired.
the ~/etc/relayers.db database does not use up a lot
of disk space on a Virtual Server, you may wish to automatically
expire entries on a periodic basis to keep the database small.
This can be done using the Cron
program scheduler. For example, the following crontab entry
would expire all of the day-old ~/etc/relayers.db database
entries every night at 3:15 AM.
15 3 * * * /usr/local/bin/vsmtprelay expire 1440
Toll Free 1-866-GSP-4400 • 1-301-464-9363 • firstname.lastname@example.org
Copyright © 1994-2016 GSP Services, Inc.