
	Search: For: ~ Advanced Search

Support Home > VPS v1 > Administration > E-mail >

Monday, October 06, 2008

POP-Before-SMTP Anti-Spam Configuration

The demise of big "spamhaus" operations like Cyber Promo has caused the spamming community to resort to "hit-and-run" spamming through open SMTP relays. This malicious technique is advantageous to spammers since a single spam can be sent from a throwaway dialup account and then be exploded out to 50 or more e-mail addresses by a fast and open SMTP server.

By default all Virtual Private Servers are closed to SMTP relaying. This Solution to the Internet Spam Problem is implemented by the "POP-before-SMTP" anti-spam configuration, which is specifically designed to prevent SMTP relaying by spammers. All Virtual Servers created since March 1, 1998 include this configuration.

How It Works

Every time someone successfully enters a correct username and password to your VPS POP or IMAP server (i.e. checks an e-mail account that is configured on your VPS), the server records the IP address of the remote client. The IP address and a timestamp are stored in the ~/etc/relayers.db database file. The database serves as a list of IP addresses that are allowed to perform an SMTP relay. A simple rule set in the "check_rcpt" section of the ~/etc/sendmail.cf file causes sendmail to refuse to relay e-mail from any IP address that is not listed in the ~/etc/relayers.db database file. You will need to add this Rule Set if it is missing from your ~/etc/sendmail.cf file.

vsmtprelay

Even though the POP and IMAP authentication will automatically cause an IP address to be added to the ~/etc/relayers.db file, you may on occasion want to manually add or clean the database yourself. To do this a program has been created named vsmtprelay that allows you to add, delete, expire, or list IP addresses in the ~/etc/relayers.db file.

% vsmtprelay
  vsmtprelay 1.1.0 usage (optional items in []):

% vsmtprelay command [arg] [...]

  where "command [arg] [...]" can be one of the following:

  "add ip [ticks]"   insert address with current timestamp (or ticks)

  "delete ip [...]"  remove specified address(es)

  "expire [n]"       expire all old (or older than n minutes) entries

  "list [n]"         list all old (or older than n minutes) entries

  "dump"             list every entry, including the future timestamped

IP addresses are expressed as ASCII "dotted quads", e.g. "10.11.12.13".

All timestamps are stored as ASCII strings representing a count of seconds
elapsed since 0 hours, 0 minutes, 0 seconds, January 1, 1970, Coordinated
Universal Time (the common UNIX epoch).

The ~/etc/relayers.db database is implemented as a "Berkeley DB hash file" with IP addresses as keys and timestamps as the data (all as ASCII strings). The vsmtprelay list output is intentionally produced in a form that can be edited manually and rebuilt by makemap(8) if desired.

Although the ~/etc/relayers.db database does not use up a lot of disk space on a Virtual Server, you may wish to automatically expire entries on a periodic basis to keep the database small. This can be done using the Cron program scheduler. For example, the following crontab entry would expire all of the day-old ~/etc/relayers.db database entries every night at 3:15 AM.

15 3 * * * /usr/local/bin/vsmtprelay expire 1440

Technical Support

°	Getting Started Guide
	FreeBSD
°	VPS v1 Help
°	VPS v2/3 Help
°	MPS v2/3 Help
	DNS
°	Domain Name Service
°	Domain Registration

°	Help Desk
°	Knowledgebase
°	Support Policies
°	Disclaimer

°	AlpineWeb Home
°	Compare Hosting Plans
°	Network Topology

°	Rates & Fees
°	Order Center

	SEE ALSO:
·	Creating e-mail user accounts
·	Configuring an e-mail autoreply
·	Using poppassd to change POP account passwords
·	Solutions to the Internet spam problem
·	Implementing Microsoft Exchange Mail-on-Demand
·	Maintaining Your Virtual Server Mail Queue

Home | Site Map | Customer Backroom