On Jun 1, 2004, at 17:23, Mike Bacher wrote:
> Is there a way to make exim delay giving the initial 220 greeting for
> an
> arbitrary amount of time (say, 40 seconds or so)? The idea is that
> most
> spamware will give up after 30 seconds (most are quite impatient from
> what I've read) and move on to the next host. Others that have
> implemented it on their MTAs have seen good results with this method.
Beware that this will interfere with sites that do callout verification
(the timeout for which is 30 seconds by default). If you send a mail
to my machine, and my machine fails to verify
<isp-list@???> within 30 seconds, your message is
rejected.
That said, you can use "delay = 40s" in an "acl_smtp_connect" ACL.
Perhaps something like:
acl_connect:
# Immediately accept connections from our own hosts
accept hosts = $interface_address : +relay_from_hosts
# Stall hosts listed in various DNSbls for 20 seconds
accept
dnslists = lists.dsbl.org : \
dnsbl.sorbs.net : \
dnsbl.njabl.org : \
bl.spamcop.net : \
dsn.rfc-ignorant.org : \
sbl-xbl.spamhaus.org : \
l1.spews.dnsbl.sorbs.net
set acl_c0 = X-RBL-Warning: $sender_host_address is listed in
$dnslist_domain\
${if def:dnslist_text { ($dnslist_text)}{}}
delay = 20s
# Stall hosts for which a rDNS lookup fails
accept
!verify = reverse_host_lookup
set acl_c0 = X-Broken-Reverse-DNS: \
Reverse DNS lookup failed for host
$sender_host_address
delay = 20s
# Accept other hosts
accept
Later, you could use the presence of "$acl_c0" to stall the sender even
further, and/or add its contents to the message headers (e.g. in the
acl_smtp_mail ACL).
BTW, some of the DNSbls above are quite overzealous, and using them to
block incoming mail may be a bit irresponsible. However, using them as
described here, to give a "degraded" service to listed hosts, may well
be worth the effort.
-tor
