Bug 219763 - Sendmail's rate throttling module does not work
Summary: Sendmail's rate throttling module does not work
Keywords:
Status: CLOSED DUPLICATE of bug 219762
Alias: None
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: sendmail
Version: 4.4
Hardware: All
OS: Linux
medium
high
Target Milestone: ---
: ---
Assignee: Thomas Woerner
QA Contact: David Lawrence
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2006-12-15 08:35 UTC by David Herselman
Modified: 2007-11-17 01:14 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2007-03-08 13:38:18 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Bugzilla 1170156 0 low CLOSED [RFE][UX] Display metadata timestamp 2021-02-22 00:41:40 UTC

Description David Herselman 2006-12-15 08:35:50 UTC
Description of problem:
  We need to implement Sendmail's rate throttling module to automatically
  reject hosts which get infected by viruses or spambots. Sendmail does
  provide for this in the form of the 'ratecontrol' and 'conncontrol'
  modules but they are not working.

  Documentation on these modules is available in /usr/share/sendmail-cf/README


Version-Release number of selected component (if applicable):
  8.13.1-3.RHEL4.5


How reproducible:
  Always


Steps to Reproduce:
  1. Add lines to /etc/mail/sendmail.mc (after 'FEATURE(access_db):
    dnl # Limit machines sending viruses
    define(`confCONNECTION_RATE_WINDOW_SIZE', `600s')dnl
    FEATURE(`greet_pause', `2000')dnl
    FEATURE(`ratecontrol')dnl
    FEATURE(`conncontrol')dnl
  2. Add lines to /etc/mail/access:
    GreetPause:127.0.0.1     0
    ClientConn:127.0.0.1     0
    ClientConn:10.0          5
    ClientConn:192.168       5
    ClientConn:              50
    ClientRate:127.0.0.1     0
    ClientRate:10.0          10
    ClientRate:192.168       10
    ClientRate:              100
  3. Rebuild configuration files and restart sendmail:
    make -C/etc/mail
    m4 /etc/mail/sendmail.mc > /etc/mail/sendmail.cf
    service sendmail restart

  
Actual results:
  We've unfortunately just been blacklisted due to a user's machine being
  infected by a spambot which sent out over 16,000 messages over a two hour
  window.


Expected results:
  The configuration above should automatically limit clients when sending
  more than 10 emails within 600 seconds (10 minutes) when the connection
  originates from the 192.168.0.0/16 or 10.0.0.0/16 subnets.



Additional info:

Comment 1 David Herselman 2006-12-15 08:39:23 UTC
This is a duplicate of 219762

Comment 2 Thomas Woerner 2007-03-08 13:38:18 UTC

*** This bug has been marked as a duplicate of 219762 ***


Note You need to log in before you can comment on or make changes to this bug.