smptguard is a tool that can control outgoing e-mail over the Internet use SMTP
(Simple Mail Transfer Protocol). This is a solution to meet the needs of Internet Service Providers (ISP).
An ISP receives a tremendous number of e-mail from the network and (client) users. It's good that the server is used on a large scale. However, there are some users who send SPAM and receive viruses via e-mail. In the case of high-speed Internet connection by DSL or optical fiber with its customers, these e-mail become a heavy load to the server and a big operational problem. That is why smtpguard was developed¡Ä
| |||
Patterns of problems |
Unique IP address | Quantity of e-mail | |
Small | Large | Large | Small | Small | Medium |
The words "Small", "Medium", and "Large" used above, which mean differently according to the environments. To set up efficiently, you need to check the items stated below.
The diagram below shows the solution of smtpguard.
| |||
ok |
Treat as a white list | ||
wait |
Delay processing | ||
reject |
Reject messages | ||
Send a warning e-mail | |||
log |
Output a message to log | ||
delete |
Delete records in the database | ||
Description examples of configuration file MAILFROM="postmaster@example.com" SENDMAIL="/usr/sbin/sendmail" EXPIRE=900 # If IP address is 172.16.3.*, add 1 point. A:IP=172.16.3. : add(1) # If MAIL FROM does not end with example.com, add 1 point. A:F! ?=example.com :add(1) # Every RCPT TO, add 1 point A: :add(1) # If RCPT TO does not end with example.com, add 1 point. A: T! ?=example.com :add(1) # If the number of RCPT TO exceeds more than 100, add 100 points temporally. R:TC>100 :addlocal(100) # If the point is more than 100, # ¡û Return "wait(5) to smtpd # ¡û Log output R:P>100 :wait(5), log("inserting a small sleep in a SMTP session from" , IP) # If the point exceeds more than 1,000, # ¡û Send a warning message to "admin@example.com" # ¡û Extend the data expiration time by 900 seconds # ¡û Log output # ¡û Return "MESSAGE" to the client from smtpd R:P>1,000 : mail("admin@example.com"), extendexpire(900), reject("411 mail server temporally rejected message"), log("rejecting a SMTP session from", IP) smtpguard is flexible and can protect your system according to the system's needs. |