Giter VIP home page Giter VIP logo

amber's Introduction

AMBER

NAME

amber -- amber-list for incoming mail

SYNOPSIS

amber [-lnNeE] [-d dir] [-c secs] [-t secs] [-T secs] [-i secs] [-I secs] [-g file] [-r file] [-p NAME[=VAL]] [-s NNN Message ] [command [args]...]

amber -V

DESCRIPTION

Amber sits in the tcpserver chain for qmail and implements an "amber list" for incoming mail, not accepting or rejecting it but deferring connections from new IP addresses for some time (default five minutes) before it starts accepting mail from them.

OPTIONS

-l
Log messages to syslog instead of printing them on standard error. This is partly redundant for the normal configuration under qmail since standard error will already be logged to syslog. You can use this to take distinguish between different error priorities: amber generates LOG_ERR, LOG_WARNING, and LOG_NOTICE.
-d dir
Change directory to "dir" first thing. Amber main- tains its connection database in the current direc- tory. It is recommended that the database be pruned periodically, with a command like find $dir -name '*.t' -mtime +2 -exec rm '{}' ';'
-t delay-time
How long to keep delaying new connections. Time is seconds, [HH:]MM:SS, or any combination of DDd, HHh, MMm, and SSs (eg: 300, 5m, 5:00 are all the same period, as are 90, 1:30, or 1m30s).
-T long-delay-time
Alternate delay to apply to connections from unre- solved IP addresses. Default is 6 times delay-time.
-i idle-time
Reset connection to idle after this long. Accepts the same time formats as -t
-I long-idle-time
Alternate idle reset time for unresolved IP addresses. Default is idle-time.
-p NAME[=VALUE]
If this variable is set (and has the specied value, if provided) then amber will pass it without check- ing. There may be multiple -p options. The default value "AMBERCHECK=NO" is implicitly in this list, but additional values (such as "RELAYCLIENT" or "RBLSMTPD=") can help avoid embarassment, depending on your configuration.
-n
Throttle connections from unresolvable IP
addresses. That is, after one connection is allowed, the address is immediately reset to idle, throttling the connection to at most once-per-long- delay-time.
-N
Throttles connections from domains that contain
strings that imply the connection is a dynamic IP. The compiled-in list is {"dsl", "cable", "dyn", "ppp", and "dial"}.
-c connection-delay
Waits connection-delay seconds before continuing on to the next stage in the pipeline. This causes some simplistic spambots and viruses to disconnect. The -c option also logs eager-writers that send data during the connection delay (legitimate mail soft- ware is supposed to wait for the HELO before send- ing any commands) and applies the same delays and timeouts to them as unresolved IP addresses.
-e
Throttle eager writers to one message per delay- time.
-E
Defer eager writers indefinitely.
-s "NNN Message"
Specify an alternate SMTP error code to generate on connection instead of the default "430 Message Deferred".
-b bad-file (v 0.1)
-r redlist-file (v 0.2)
If everything else passes, check this file for bad IP addresses to explicitly block. The file format is one address per line, optionally followed by an alternate SMTP error code and message. This file may be fed from a spamtrap, or statically built, or created using any other method that makes sense in your environment.
-g greenlist-file (v 0.2)
After the connection delay, check this file for IP addresses to explicitly allow. The file format is one address per line. This file may be fed from a mail server for POP3/IMAP4-before-SMTP, or any other method that fits your policies. This should be a small file for sort-lived greenlisting to avoid beating on tcpserver's tcp.smtp.cdb file (or your local equivalent)... long term greenlisting would be handled before amber.
-V Print version and exit.

OUTPUTS

On success, run the specified command. On failure, send an SMTP code back down the socket and close the con- nection. If command is omitted then amber returns a success or failure status but doesn't send any- thing... normally a command such as "qmail-smtpd" would be provided, but this feature could be used if amber is run from a script.

EXAMPLES

amber -i 1d -p RELAYCLIENT qmail-smtpd

LICENSE

Amber is released under a "Berkeley" style license.

AUTHOR

Peter da Silva

amber's People

Contributors

resuna avatar

Watchers

avatar

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.