POP-Before-SMTP Anti-Spam Configuration

The demise of big "spamhaus" operations like Cyber Promo has
caused the spamming community to resort to "hit-and-run" spamming
through open SMTP relays. This malicious technique is advantageous
to spammers since a single spam can be sent from a throwaway
dialup account and then be exploded out to 50 or more e-mail
addresses by a fast and open SMTP server.

By default, all Virtual Servers are closed to SMTP relaying. This
solution to the Internet spam problem is implemented by the
"POP-before-SMTP" anti-spam configuration, which is specifically
designed to prevent SMTP relaying by spammers. All Virtual
Servers created since March 1, 1998 include this configuration.

How It Works

Every time someone successfully enters a correct username
and password to your Virtual Server POP or IMAP server (i.e.
checks an e-mail account that is configured on your Virtual
Server), the server records the IP address of the remote client.
The IP address and a timestamp are stored in the ~/etc/relayers.db
database file. The database serves as a list of IP addresses
that are allowed to perform an SMTP relay. A simple rule set
in the "check_rcpt" section of the ~/etc/sendmail.cf
file causes sendmail to refuse to relay e-mail from
any IP address that is not listed in the ~/etc/relayers.db
database file. You will need to add this rule set if it is
missing from your ~/etc/sendmail.cf file.

vsmtprelay

Even though the POP and IMAP authentication will automatically
cause an IP address to be added to the ~/etc/relayers.db
file, you may on occasion want to manually add or clean the
database yourself. To do this we have created a utility program
named vsmtprelay that allows you to add, delete, expire,
or list IP addresses in the ~/etc/relayers.db file.

    % vsmtprelay
    vsmtprelay 1.1.0 usage (optional items in []):

      % vsmtprelay command [arg] [...]

    where "command [arg] [...]" can be one of the following:

      "add ip [ticks]"    insert address with current timestamp (or ticks)
      "delete ip [...]"   remove specified address(es)
      "expire [n]"        expire all old (or older than n minutes) entries
      "list [n]"          list all old (or older than n minutes) entries
      "dump"              list every entry, including the future timestamped

    IP addresses are expressed as ASCII "dotted quads", e.g. "10.11.12.13".
    All timestamps are stored as ASCII strings representing a count of seconds
    elapsed since 0 hours, 0 minutes, 0 seconds, January 1, 1970, Coordinated
    Universal Time (the common UNIX epoch).

The ~/etc/relayers.db
database is implemented as a "Berkeley DB hash file" with
IP addresses as keys and timestamps as the data (all as ASCII
strings). The vsmtprelay list output is intentionally
produced in a form that can be edited manually and rebuilt
by makemap(8) if desired.

Although the ~/etc/relayers.db database does not use up a lot
of disk space on a Virtual Server, you may wish to automatically
expire entries on a periodic basis to keep the database small.
This can be done using the cron program scheduler. For example,
the following crontab entry would expire all of the day-old
~/etc/relayers.db database entries every night at 3:15 AM.

    15 3 * * * /usr/local/bin/vsmtprelay expire 1440
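
An added example (not part of the original page or of vsmtprelay itself): a Python check that audits a text export of the relay list, sorting entries into active, stale, future-dated and malformed. It assumes each line is "ip timestamp" separated by whitespace, the key/value text form makemap(8) accepts, and that a future-dated entry is not treated as old by expire; the function name, sample lines and NOW value are constructed for illustration.

```python
import ipaddress

def audit_relayers(lines, now, max_age_minutes=1440):
    """Classify 'ip timestamp' lines from a text export of relayers.db.

    The line format is an assumption (makemap-style key/value text).
    """
    report = {"active": [], "stale": [], "future": [], "malformed": []}
    for raw in lines:
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split()
        try:
            if len(parts) != 2:
                raise ValueError("expected 'ip timestamp'")
            ip = str(ipaddress.IPv4Address(parts[0]))  # dotted quad only
            ts = int(parts[1])                         # seconds since epoch
        except ValueError:
            report["malformed"].append(line)
            continue
        if ts > now:
            # Assumption: such an entry is not "old", so it keeps relay
            # permission until its timestamp has passed.
            report["future"].append(ip)
        elif now - ts > max_age_minutes * 60:
            report["stale"].append(ip)
        else:
            report["active"].append(ip)
    return report

# Constructed sample data; NOW is a fixed, made-up "current time".
NOW = 1_000_000_000
SAMPLE = [
    "10.11.12.13 999999000",    # authenticated 1000 seconds ago
    "192.0.2.7 999900000",      # older than one day (1440 minutes)
    "198.51.100.9 1000864000",  # timestamp lies in the future
    "300.1.1.1 999999000",      # not a valid dotted quad
    "192.0.2.8 yesterday",      # timestamp is not a number
]

if __name__ == "__main__":
    for bucket, entries in audit_relayers(SAMPLE, NOW).items():
        print(f"{bucket:9} {entries}")
```

Entries reported as future or malformed are the ones to review by hand, since the nightly expire job in the crontab entry above only removes entries older than the given number of minutes.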
Copyright © 1994-2016 GSP Services, Inc.