On Thu, 24 Jun 2004 16:59:02 -0400, David Brodbeck <gull(_at_)gull(_dot_)us>
wrote:
Incidentally, has anyone noticed that AOL's servers are awfully impatient?
I'm getting a lot of these lately:
2004-06-24 14:57:38 SMTP protocol violation: synchronization error (input sent
without waiting for greeting): rejected connection from H=rly-ip05.mx.aol.com
[64.12.138.9]
This is the kind of behavior I usually associate with spammers, which is why
my MTA rejects hosts that act this way. Does anyone know why AOL's servers
are so badly behaved?
I use qpsmtpd (http://smtpd.develooper.com/) at home and it has a
plugin module that specifically looks for this behaviour (it sleeps
for a second on connection, and then checks to see if the other end
has been sending data already).
http://smtpd.develooper.com/check_earlytalker - Check that the
client doesn't talk before we send the SMTP banner
DESCRIPTION: Hooks connect, checks to see if the remote host starts
talking before
we've issued a 2xx greeting. If so, we're likely looking at a
direct-to-MX spam agent which pipelines its entire SMTP conversation,
and will happily dump an entire spam into our mail log even if later
tests deny acceptance. Such clients gets a 450 error code.
I haven't checked my logs, but I know plenty of qpsmtpd users find
this to be one of the single most successful spam/virus filters.
--
T