*** srvrsmtp.c Sun Apr 19 22:41:49 1998 --- srvrsmtp.c.new Sun Apr 19 22:41:26 1998 *************** *** 137,142 **** --- 137,149 ---- #define MAXHELOCOMMANDS 3 /* max HELO/EHLO commands before slowdown */ #define MAXVRFYCOMMANDS 6 /* max VRFY/EXPN commands before slowdown */ #define MAXETRNCOMMANDS 8 /* max ETRN commands before slowdown */ + #define MAXRCPTCOMMANDS 1 /* max RCPT TO commands before slowdown */ + #define MINRCPTDELAY 3 /* min time to sleep() between RCPT TO lines (default tarpit) + WARNING: busy mailers should set this rather low, as this + keeps sendmail processes (and resources) tied up for a longer + time. + */ + #define ADDRCPTDELAY 0.33 /* add n seconds delay per RCPT line over MAXRCPTCOMMANDS */ void smtp(nullserver, e) *************** *** 163,168 **** --- 170,176 ---- volatile int n_etrn = 0; /* count of ETRN commands */ volatile int n_noop = 0; /* count of NOOP/VERB/ONEX etc cmds */ volatile int n_helo = 0; /* count of HELO/EHLO commands */ + volatile int n_rcpt = 0; /* count of RCPT TO commands */ bool ok; volatile int lognullconnection = TRUE; register char *q; *************** *** 652,657 **** --- 660,669 ---- break; } + /* avoid relay spamming via tarpit */ + sleep(MINRCPTDELAY); + checksmtpattack(&n_rcpt, MAXRCPTCOMMANDS, "RCPT spam", e); + if (e->e_sendmode != SM_DELIVER) e->e_flags |= EF_VRFYONLY; *************** *** 1109,1114 **** --- 1121,1128 ---- char *cname; ENVELOPE *e; { + int delay_time; + if (++(*pcounter) >= maxcount) { if (*pcounter == maxcount && LogLevel > 5) *************** *** 1117,1123 **** --- 1131,1147 ---- "%.100s: %.40s attack?", CurSmtpClient, cname); } + if (!strcmp(cname,"RCPT spam")) /* tarpit functionality */ + { + delay_time = 1 + (*pcounter - maxcount) * ADDRCPTDELAY; /* add 1 to offset int */ + if (delay_time + MINRCPTDELAY > 240) + delay_time = 240 - MINRCPTDELAY; + /* no more than 4 minutes of delay to comply with RFC 1123 5.3.2: 5 min max. */ + sleep(delay_time); + } else + { sleep(*pcounter / maxcount); + } } } /*