Contributed by sean on from the sometimes you just need to <b>hear</b> about it dept.
http://bsdtalk.blogspot.com/2006/09/bsdtalk068-interview-with-openbsd.html
(Comments are closed)
OpenBSD Journal
Contributed by sean on from the sometimes you just need to <b>hear</b> about it dept.
(Comments are closed)
Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original deadly.org with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]
By Anonymous Coward (75.132.114.37) on
/usr/src/libexec/spamd/spamd.c (3.9)
- snprintf(cp->obuf, cp->osize, "220 %s ESMTP %s; %s\r\n",
- hostname, spamd, tmp);
+ snprintf(cp->obuf, cp->osize, "220 %s Microsoft ESMTP Mail Service, Version: 6.0.3790.1830 ready at %s\r\n",
+ hostname, tmp);
- snprintf(cp->obuf, cp->osize, "221 %s\r\n", hostname);
+ snprintf(cp->obuf, cp->osize, "221 2.0.0 %s Service closing transmission channel\r\n", hostname);
- "250 Ok to start over.\r\n");
+ "250 2.0.0 Resetting\r\n");
- "250 Hello, spam sender. "
- "Pleased to be wasting your time.\r\n");
+ "250 %s Hello [%s]\r\n", hostname, cp->addr);
- "250 You are about to try to deliver spam. "
- "Your time will be spent, for nothing.\r\n");
+ "250 2.1.0 Sender OK\r\n");
- "250 This is hurting you more than it is "
- "hurting me.\r\n");
+ "250 2.1.5 Recipient OK\r\n");
- "354 Enter spam, end with \".\" on a line by "
- "itself\r\n");
+ "354 Start mail input; end with <CRLF>.<CRLF>\r\n");
Comments
By Sean (65.174.122.201) on
Why?
Comments
By Anonymous Coward (75.132.114.37) on
>>First thing I do is make spamd look like an Exchange 2003 server.
>Why?
Why not? Confound the enemy. I don't use the greylisting at all; I use spamd to tie up connections as long as possible (published as lowest priority MX's). As I said, I have no objective evidence that it helps anything at all, but I would be incredibly curious to see if there would be any change in traffic patterns based on who the server is pretending to be.
Just found:
beck@: http://www.openbsd.org/papers/bsdcan05-spamd/mgp00023.html
Comments
By Anonymous Coward (82.195.149.9) on
> >Why?
>
> Why not? Confound the enemy. I don't use the greylisting at all; I use spamd to tie up connections as long as possible (published as lowest priority MX's). As I said, I have no objective evidence that it helps anything at all, but I would be incredibly curious to see if there would be any change in traffic patterns based on who the server is pretending to be.
>
> Just found:
> beck@: http://www.openbsd.org/papers/bsdcan05-spamd/mgp00023.html
>
>
Some spammers disconnect when they see the headers, some disconnect when they realise they are being stuttered. Either way, leaving it as is will provide the best anti-spam results.
By djm@ (206.59.235.113) on
> If I knew what I was doing, I'd add fortune(1)-style randomization
> so it could mimic different SMTP servers, though I have no objective
> evidence it would actually help matters.....
A little while ago I hacked mine to return random strings from theo.c instead of its standard responses to see if spammers cared about the difference. IIRC they didn't (based on a very unscientific visual review of a gnuplot of disconnect times).
Comments
By Bob Beck (129.128.11.43) beck@openbsd.org on
> > If I knew what I was doing, I'd add fortune(1)-style randomization
> > so it could mimic different SMTP servers, though I have no objective
> > evidence it would actually help matters.....
>
> A little while ago I hacked mine to return random strings from theo.c instead of its standard responses to see if spammers cared about the difference. IIRC they didn't (based on a very unscientific visual review of a gnuplot of disconnect times).
The only thing I've noticed matters is occasionally the header, but
more often the fact that you stutter at them. They definately notice
the stuttering.
-Bob
By Matthias Kilian (84.134.30.21) on
BTW: the interview Bob mentioned is probably this one:
http://www.onlamp.com/pub/a/bsd/2005/05/19/openbsd_3_7.html