Tip of the Trade: Sendmail's Greet_Pause
Slamming is a popular spammer tactic in which the spammer quickly fires off SMTP messages without waiting for responses from the receiving server. A poorly behaved MTA will then accept traffic from the spammer, instead of rejecting it as it should. But even well-behaved MTAs are affected because of the sheer volume of traffic with which they are forced to deal. The venerable sendmail, as of version 8.13, has a nifty feature called "greet_pause" that not only rejects incorrect SMTP transactions, but also discourages re-sends. Want to stop slamming in its tracks? Sendmail's "greet_pause" rejects incorrect SMTP transactions and discourages re-sends.
In a normal SMTP transaction, the client first connects and the server is supposed to send back a "220" greeting, something like:
$ telnet mail.foo.org 25 Trying 184.108.40.206... Connected to foo.com. Escape character is '^]'. 220-host6.foo.org ESMTP Sendmail 8.13.6/8.13.6; Wed, 14 Jun 2006 18:04:49 -0600 220-We do not authorize the use of this system to transport unsolicited, 220 and/or bulk e-mail.
The pause interval is configurable, so you can tune it as needed.
Interestingly, you'll probably find that your total spam attempts drop significantly after implementing greet_pause, possibly because the spammer's software thinks it's hitting a bad server or bad addresses, or otherwise getting stuck somehow. It's an ingenious and simple method with a low-overhead that discourages significant amounts of spam.
As always, be sure to whitelist all of your important addresses. Visit sendmail.org/doc/ to learn more.