BadRcptThrottle

Slow excess bad RCPT TO: commands (V8.12 and later)

One method used to gather addresses for spamming is to misuse the RCPT TO: command. To illustrate, consider the following fragment of an SMTP session:

    RCPT To:<aa@your.domain>
    550 5.1.1 <aa@your.domain>... User unknown
    RCPT To:<ab@your.domain>
    550 5.1.1 <ab@your.domain>... User unknown
    RCPT To:<ac@your.domain>
    550 5.1.1 <ac@your.domain>... User unknown
    RCPT To:<ad@your.domain>
    550 5.1.1 <ad@your.domain>... User unknown
    RCPT To:<ae@your.domain>
    250 2.1.0 <ae@your.domain>... Recipient ok
    RCPT To:<af@your.domain>
    550 5.1.1 <af@your.domain>... User unknown

Here, some other site has connected to your sendmail and started sending bad RCPT TO: commands for a series of possible usernames. These are alphabetical, but other such abuses might be based on lists of common names. Whenever sendmail replies with a 250, the other site knows that the address is good and adds it to its list of spam addresses.

With V8.12 and later sendmail, it is possible to impose a penalty on sites that send too many bad RCPT TO: commands. You do that by defining the BadRcptThrottle option, like this:

    O BadRcptThrottle=num                       configuration file (V8.12 and later)
    -OBadRcptThrottle=num                       command line (V8.12 and later)
    define(`confBAD_RCPT_THROTTLE',`num')       mc configuration (V8.12 and later)

Here, num is a textual representation of a positive integer. If num is negative, nonnumeric, or zero (the default), bad RCPT TO: commands are accepted without penalty. If num is positive, only that number of bad RCPT TO: commands are allowed in a single SMTP session before a penalty is imposed.

The penalty begins by logging the following warning:

    other site: Possible SMTP RCPT flood, throttling.

Thereafter, every RCPT TO: command will be received by the local sendmail, which will sleep for one second before replying. The choice of one second is hardcoded in sendmail and cannot be changed.
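Because the warning is logged when the penalty begins, each occurrence marks one throttled SMTP session, which makes it a convenient signal for spotting sites that repeatedly probe for addresses. The following Python script is an added example (not from the book or from sendmail) that counts those warnings per connecting site. The sample lines are constructed, and the syslog prefix before the site name (timestamp, host, sendmail[pid], queue ID) is an assumed layout; only the message text comes from this page.

```python
import re
from collections import Counter

# Constructed sample log. Only the "Possible SMTP RCPT flood, throttling."
# message text is from the page; the prefix layout is an assumption.
SAMPLE_LOG = """\
Mar  3 04:10:01 mx1 sendmail[2101]: k23AA1xx002101: scan.example.net [192.0.2.10]: Possible SMTP RCPT flood, throttling.
Mar  3 04:10:02 mx1 sendmail[2101]: k23AA1xx002101: <af@your.domain>... User unknown
Mar  3 04:12:44 mx1 sendmail[2140]: k23AC2xx002140: scan.example.net [192.0.2.10]: Possible SMTP RCPT flood, throttling.
Mar  3 05:01:17 mx1 sendmail[2290]: k23B1Hxx002290: [IPv6:2001:db8::25]: Possible SMTP RCPT flood, throttling.
Mar  3 05:30:00 mx1 sendmail[2301]: k23BU0xx002301: mail.example.org [198.51.100.7]: Possible SMTP RCPT flood, throttling.
Mar  3 05:41:12 mx1 sendmail[2355]: k23BfCxx002355: scan.example.net [192.0.2.10]: Possible SMTP RCPT flood, throttling.
"""

# The site field may itself contain colons (for example a bracketed IPv6
# literal), so it is matched greedily up to the fixed warning text.
FLOOD = re.compile(
    r"sendmail\[\d+\]: (?P<qid>\S+): (?P<site>.+): "
    r"Possible SMTP RCPT flood, throttling\.\s*$"
)


def throttled_sites(lines):
    """Return a Counter of throttled sessions keyed by connecting site."""
    hits = Counter()
    for line in lines:
        m = FLOOD.search(line)
        if m:
            hits[m.group("site")] += 1
    return hits


def repeat_offenders(lines, min_sessions=2):
    """Sites throttled in at least min_sessions separate sessions."""
    counts = throttled_sites(lines)
    return sorted(site for site, n in counts.items() if n >= min_sessions)


if __name__ == "__main__":
    log_lines = SAMPLE_LOG.splitlines()
    for site, n in throttled_sites(log_lines).most_common():
        print(f"{n:3d}  {site}")
    print("repeat offenders:", repeat_offenders(log_lines))
```
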

The BadRcptThrottle option can be used in combination with the MaxRecipientsPerMessage option (MaxRecipientsPerMessage) to further limit the number of recipients per message.

The BadRcptThrottle option is safe. Even if it is specified from the command line, sendmail retains its special privileges.



Sendmail
sendmail, 4th Edition
ISBN: 0596510292
EAN: 2147483647
Year: 2002
Pages: 1174
