Home Contact Us Search

[ Order a Server ] [ Server Support ]


[ Getting Started ] [ Server Help ] [ Add on Help ] [ Solution ] [ Trouble Shooting ]

PLEASE NOTE, THIS IS VERY OLD ARCHIVE INFORMATION AND MAY NOT FUNCTION ON NEW SERVERS

[ DNS ] [ Email ] [ Server Admin ] [ Web Server ]

POP-Before-SMTP Anti-Spam Configuration

The demise of big "spamhaus" operations like Cyber Promo has caused the spamming community to resort to "hit-and-run" spamming through open SMTP relays. This malicious technique is advantageous to spammers since a single spam can be sent from a throwaway dialup account and then be exploded out to 50 or more e-mail addresses by a fast and open SMTP server.

By default all Virtual Servers are closed to SMTP relaying. This Solution to the Internet Spam Problem is implemented by the "POP-before-SMTP" anti-spam configuration, which is specifically designed to prevent SMTP relaying by spammers. All Virtual Servers created since March 1, 1998 include this configuration.

NOTE: Some of our Virtual Server customers have been contacted by ORBS (Open Relay Behaviour-modification System) advising them that their Virtual Server is an open SMTP relay. Usually, the customer has disabled the POP-before-SMTP anti-spam configuration on their Virtual Server.

If you have been contacted by ORBS and wish to be removed from the ORBS database you must re-enable the POP-before-SMTP anti-spam configuration and then submit your Virtual Server IP address to ORBS for testing and approval.

Of course, it is not mandatory to do this, but doing so will get ORBS off of your back.

How It Works

Every time someone successfully enters a correct username and password to your Virtual Server POP or IMAP server (i.e. checks an e-mail account that is configured on your Virtual Server), the server records the IP address of the remote client. The IP address and a timestamp are stored in the ~/etc/relayers.db database file. The database serves as a list of IP addresses that are allowed to perform an SMTP relay. A simple rule set in the "check_rcpt" section of the ~/etc/sendmail.cf file causes sendmail to refuse to relay e-mail from any IP address that is not listed in the ~/etc/relayers.db database file. You will need to add this Rule Set if it is missing from your ~/etc/sendmail.cf file.

vsmtprelay

Even though the POP and IMAP authentication will automatically cause an IP address to be added to the ~/etc/relayers.db file, you may on occasion want to manually add or clean the database yourself. To do this we have created a utility program named vsmtprelay that allows you to add, delete, expire, or list IP addresses in the ~/etc/relayers.db file. 


% vsmtprelay
vsmtprelay 1.1.0 usage (optional items in []):

    % vsmtprelay command [arg] [...]

where "command [arg] [...]" can be one of the following:

    "add ip [ticks]"   insert address with current timestamp (or ticks)
    "delete ip [...]"  remove specified address(es)
    "expire [n]"       expire all old (or older than n minutes) entries
    "list [n]"         list all old (or older than n minutes) entries
    "dump"             list every entry, including the future timestamped

IP addresses are expressed as ASCII "dotted quads", e.g. "10.11.12.13".
All timestamps are stored as ASCII strings representing a count of seconds
elapsed since 0 hours, 0 minutes, 0 seconds, January 1, 1970, Coordinated
Universal Time (the common UNIX epoch).

The ~/etc/relayers.db database is implemented as a "Berkeley DB hash file" with IP addresses as keys and timestamps as the data (all as ASCII strings). The vsmtprelay list output is intentionally produced in a form that can be edited manually and rebuilt by makemap(8) if desired.

Although the ~/etc/relayers.db database does not use up a lot of disk space on a Virtual Server, you may wish to automatically expire entries on a periodic basis to keep the database small. This can be done using the Cron program scheduler. For example, the following crontab entry would expire all of the day-old ~/etc/relayers.db database entries every night at 3:15 AM. 

15 3 * * *  /usr/local/bin/vsmtprelay expire 1440

[ DNS ] [ Email ] [ Server Admin ] [ Web Server ]

PLEASE NOTE, THIS IS OLD ARCHIVE INFORMATION AND MAY NOT FUNCTION ON NEW SERVERS