Anaerin's Blog: November 2011

Well, I've been having a conversation with Paul Murphy about how IPv6 is going to kill SMTP as we know it. I was arguing that it really wasn't. Yes, there is more complex work involved because you're dealing with a much larger IP base, but it's still not THAT hard to do. Here's some pseudo-code (emphasis on pseudo, it's all sketched out in Notepad, nothing more, and conforms to no known language thus far) that should give you the gist of my point.

// Connection Opens
If (dSeenHosts.Contains(sFullIPv6Address)) {
    If (dSeenHosts(sFullIPv6Address).IPBanned) {
        dSeenHosts(sFullIPv6Address.Connections++;
        Connection.Write(sConnectionBannedMessage);
        Connection.Close();
        return;
    } Else {
        dSeenHosts(sFullIPv6Address).Connections++;
    }
} Else {
    string sPartialHost = sFullIPv6Address.SubString(0,28);
    If (dSeenHosts.BeginsWith(sPartialHost).Matches.Count > 0) {
        // We've found at least one previous connection from within 4 nybbles
        // of the full address.
        //
        // We can make an assumption then that this is the same ISP as the
        // previous connection.

        If (dSeenHosts.BeginsWith(sPartialHost).Matches.Count > 1) {
            // There's more than one match to this partial host.
            // Hosting site? or perhaps spammer?
            float fBannedPercentage = 0;
            ForEach (var oHost in dSeenHosts.BeginsWith(sPartialHost).Matches) {
                If (oHost.IPBanned)
                    fBannedPercentage++;
            }
            fBannedPercentage = fBannedPercentage/(dSeenHosts.BeginsWith(sPartialHost).Count + 1));
            // Add an additional one to allow for this (unprocessed) host.
            If (fBannedPercentage > 0.7) {
                // More than 70% of hosts seen from this group have been banned.
                Connection.Write(sConnectionBannedMessage);
                Connection.Close();
                dSeenHosts(sFullIPv6Address).Connections = 1;
                dSeenHosts(sFullIPv6Address).IPBanned = True;
                dSeenHosts(sFullIPv6Address).BannedDate = Now();
                dSeenHosts(sFullIPv6Address).BannedTimes = 1;
            } Else {
                dSeenHosts(sFullIPv6Address).Connections = 1;
                dSeenHosts(sFullIPv6Address).BannedTimes = 0;
            }
        } Else {
            // There's only one previous connection from within this nybble.
            dSeenHosts(sFullIPv6Address).Connections = 1;
            dSeenHosts(sFullIPv6Address).BannedTimes = 0;
        }
    }
}
If (!Connection.IsOpen()) return;
Connection.SendBanner();
string sHostName = Connection.GetHELO();
bool bHostNameChanged = False;
If (dSeenHosts(sFullIPv6Address).HostName.Length > 0) {
    If (dSeenHosts(sFullIPv6Address).HostName != sHostName) {
        // That's not what you said last time.
        dSeenHosts(sFullIPv6Address).HostName = sHostName;
        dSeenHosts(sFullIPv6Address).HostVerificationFailed = False;
        bHostNameChanged = True;
    }
} Else {
    dSeenHosts(sFullIPv6Address).HostName = sHostName;
}
If (!VerifyHostNameMatchesIP(sHostName,sFullIPv6Address)) {
    // Function only returns false if it gets a result that doesn't match
    // No result is not false.
    // Not banning for this. You could, if you really wanted to be strict, but
    // The disconnection error should show up on a poorly configured server
    // And a spammer gets disconnected here.
    Connection.Write(sHostNameDoesntMatchIPError);
    Connection.Close();
}
If (!Connection.IsOpen()) return;
MailMessage mMail = Connection.ReceiveMail();
If (!SPFVerify(mMail)) {
    Connection.Write(sSPFFailedError);
    Connection.Close();
    dSeenHosts(sFullIPv6Address).IPBanned = True;
    dSeenHosts(sFullIPv6Address).BannedDate = Now();
    dSeenHosts(sFullIPv6Address).BannedTimes++;
}
If (!Connection.IsOpen()) return;
If (!DKIMVerify(mMail)) {
    Connection.Write(sDKIMFailedError);
    Connection.Close();
    dSeenHosts(sFullIPv6Address).IPBanned = True;
    dSeenHosts(sFullIPv6Address).BannedDate = Now();
    dSeenHosts(sFullIPv6Address).BannedTimes++;
}
If (!Connection.IsOpen()) return;
If (!VerifyRecepient(mMail)) {
    Connection.Write(sNobodyByThatNameHereError);
    Connection.Close();
}
If (!Connection.IsOpen()) return;
If (!RunSpamScore(mMail)) {
    If (dSeenHosts(sFullIPv6Address).SpamScore > iUserSpamScore) {
        Connection.Write(sSpamScoreExceededError);
        Connection.Close();
        dSeenHosts(sFullIPv6Address).TimesSpammed++;
        If (dSeenHosts(sFullIPv6Address).TimesSpammed > iUserSpamTimes) {
            dSeenHosts(sFullIPv6Address).IPBanned = True;
            dSeenHosts(sFullIPv6Address).BannedDate = Now();
            dSeenHosts(sFullIPv6Address).BannedTimes++;
        }
    } Else {
        If (dSeenHosts(sFullIPv6Address).TimesSpammed > 0) {
            dSeenHosts(sFullIPv6Address).TimesSpammed--;
        }
    }
}
If (!Connection.IsOpen()) return;
Server.Store(mMail);
Connection.Write(sMessageReceivedOK);
Connection.Close();

Anaerin's Blog

Wednesday, November 16, 2011

E-Mail, DNS, IPv6, and much more...

About Me

Blog Archive