On Wed, 20 Sep 2017, Grant Taylor wrote:
Didn't I just see you somewhere else? :-)
I've never thought about a long, multi-line
banner.
Yep; as I recall, the RFC line length is no more than 254 chars (I think),
with no limit on the number of continuation lines. Try connecting to my
server at
horsfall.org (I'll make you wait around 10 seconds), then check
out my RFC-compliant banner... I'll keep an eye out for you in my logs
:-)
I agree with the first two, and I'd like to know
more about the
effectiveness of the third.
Check out
www.horsfall.org/spamlog.pdf for a nice pretty graph; the
rejects on "banner" is the purple one on the top; the "reject" line is
the
red one, and the "spam" line (stuff that gets through) is pink (for SPAM,
geddit?).
Note that many of the "banner" violations are from woodpeckers i.e. they
keep trying until they either give up or I notice (and firewall them).
The tools behind this are still a work in progress, so I don't currently
log the number of "wait" violations etc (it was implemented fairly
recently).
(And yes, my HTML programming sucks.)
--
Dave Horsfall DTM (VK2KFU) "Those who don't understand security will
suffer."