Marcus Ilgner wrote:
could maybe someone point me to some documentation on the tarpit
functionality in the Courier MTA?
I don't think there's much on the website... The mailing list archives
and the C code (courier/module.esmtp/couriesmtpd.c around line 65 is a
start) will have to suffice...
What options there are possibly to set,
There aren't any options to be set (though I'd love to have the ability
to configure the timeout lengths and have a whitelist... hint, hint...).
You could play with the hard coded INIT_TEERGRUBE and MAX_TEERGRUBE
definitions and recompile... Setting INIT_TEERGRUBE to 0 should
effectively disable the tarpit. Bumping MAX_TEERGRUBE to high would
likely result in ESMTP connections timing out (possibly from a legit
connection that just has a bunch of old email addresses...)
how it determines the address to tarpit etc.
As I understand it, it's not based on address, it's based on the server
response. For example, if I connect and start sending bad commands, I
start getting tarpitted. If I send a rcpt to: and Courier responds that
it's non-existant, I start getting tarpitted... The timeout length
continues until it hits MAX_TEERGRUBE. These settings are per session
as I understand, so that if the same IP connects later (or even at the
same time), one connections bad behavior will not cause the other to be
tarpitted.
Up to now the
existence of that functionality was the only thing that I could find
;)
Yep, this does need a little more documentation. Especially since it
can really break things like Backup MX servers (yes I know they're a bad
idea nowadays anyways but that doesn't mean they're going away)...
Jay
11 messages in net.sourceforge.lists.courier-usersRe: [courier-users] sender verify cal...
