Well, I've been having a conversation with Paul Murphy about how IPv6 is going to kill SMTP as we know it. I was arguing that it really wasn't. Yes, there is more complex work involved because you're dealing with a much larger IP base, but it's still not THAT hard to do. Here's some pseudo-code (emphasis on pseudo, it's all sketched out in Notepad, nothing more, and conforms to no known language thus far) that should give you the gist of my point.
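// Connection opens: look up what we already know about the client address
// and refuse at once if it, or most of its neighbours, are banned.
//
// dSeenHosts is keyed by the full IPv6 address as a string. SubString(0,28)
// only means "everything except the last 4 nybbles" if every address is
// stored in one fixed spelling: fully expanded, no colons, one letter case
// (32 hex digits). A compressed or differently cased spelling of the same
// address would miss both the exact lookup and the prefix lookup.
//
// NOTE(review): the table gains one entry per distinct address and nothing in
// this listing expires entries. A single customer allocation is commonly a
// /64 or larger, so consider keying reputation on the routing prefix and
// capping or ageing the table so it cannot grow without bound.
If (dSeenHosts.Contains(sFullIPv6Address)) {
    // Known address: count the connection whether or not it is banned.
    dSeenHosts(sFullIPv6Address).Connections++;
    If (dSeenHosts(sFullIPv6Address).IPBanned) {
        // NOTE(review): BannedDate is recorded when a ban is set but is not
        // consulted here, so a ban never lapses.
        Connection.Write(sConnectionBannedMessage);
        Connection.Close();
        return;
    }
} Else {
    string sPartialHost = sFullIPv6Address.SubString(0,28);
    // Query the neighbours once, before this host gets its own record, so the
    // new host is never counted among its own neighbours.
    var oNeighbours = dSeenHosts.BeginsWith(sPartialHost).Matches;

    If (oNeighbours.Count > 1) {
        // Several addresses seen within the same 4-nybble window.
        // Hosting site? or perhaps spammer?
        float fBannedNeighbours = 0;
        ForEach (var oHost in oNeighbours) {
            If (oHost.IPBanned) {
                fBannedNeighbours++;
            }
        }
        // The +1 in the denominator counts this (not yet judged) host.
        float fBannedFraction = fBannedNeighbours / (oNeighbours.Count + 1);

        If (fBannedFraction > 0.7) {
            // More than 70% of hosts seen from this group have been banned.
            // NOTE(review): this bans an address on its neighbours' record
            // alone, before it has sent anything.
            Connection.Write(sConnectionBannedMessage);
            Connection.Close();
            dSeenHosts(sFullIPv6Address).Connections = 1;
            dSeenHosts(sFullIPv6Address).IPBanned = True;
            dSeenHosts(sFullIPv6Address).BannedDate = Now();
            dSeenHosts(sFullIPv6Address).BannedTimes = 1;
        } Else {
            dSeenHosts(sFullIPv6Address).Connections = 1;
            dSeenHosts(sFullIPv6Address).BannedTimes = 0;
        }
    } Else {
        // Zero or one neighbour: too little history to judge the group.
        // Start a clean record in both cases, so the later stages always
        // find an entry for this address (the zero-neighbour case previously
        // created none).
        dSeenHosts(sFullIPv6Address).Connections = 1;
        dSeenHosts(sFullIPv6Address).BannedTimes = 0;
    }
}
// The neighbour ban above closes the connection without returning.
If (!Connection.IsOpen()) return;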
// HELO stage: greet the client, record the name it announces, and compare
// that name against the connecting address.
Connection.SendBanner();
// NOTE(review): the HELO name is chosen by the client; treat it as untrusted
// input wherever it is stored, compared or logged.
string sHostName = Connection.GetHELO();
// NOTE(review): bHostNameChanged is set below but not read anywhere in this listing.
bool bHostNameChanged = False;
// Assumes a record for this address exists by this point; confirm every path
// of the connection-open stage creates one.
If (dSeenHosts(sFullIPv6Address).HostName.Length > 0) {
If (dSeenHosts(sFullIPv6Address).HostName != sHostName) {
// That's not what you said last time.
// Remember the new name and reset HostVerificationFailed. Nothing in this
// listing sets that field to True.
dSeenHosts(sFullIPv6Address).HostName = sHostName;
dSeenHosts(sFullIPv6Address).HostVerificationFailed = False;
bHostNameChanged = True;
}
} Else {
// First name seen for this address: just record it.
dSeenHosts(sFullIPv6Address).HostName = sHostName;
}
// NOTE(review): VerifyHostNameMatchesIP is not shown; presumably it resolves
// the HELO name and compares the result with the peer address. Confirm.
If (!VerifyHostNameMatchesIP(sHostName,sFullIPv6Address)) {
// Function only returns false if it gets a result that doesn't match
// No result is not false.
// Not banning for this. You could, if you really wanted to be strict, but
// The disconnection error should show up on a poorly configured server
// And a spammer gets disconnected here.
Connection.Write(sHostNameDoesntMatchIPError);
Connection.Close();
}
// A mismatch closed the connection above without returning; stop here if so.
If (!Connection.IsOpen()) return;
// Message stage: accept the message, then check SPF.
// NOTE(review): SPF is evaluated against the connecting address and the
// envelope sender, yet only mMail is passed to SPFVerify. Presumably
// ReceiveMail() records both on the message. Confirm.
MailMessage mMail = Connection.ReceiveMail();
If (!SPFVerify(mMail)) {
// SPF failure: refuse the message and ban this address.
// NOTE(review): SPFVerify is not shown. If it also returns false for a
// missing record or a soft failure, this ban would hit legitimately
// forwarded mail; confirm it returns false only on a hard fail.
Connection.Write(sSPFFailedError);
Connection.Close();
dSeenHosts(sFullIPv6Address).IPBanned = True;
dSeenHosts(sFullIPv6Address).BannedDate = Now();
dSeenHosts(sFullIPv6Address).BannedTimes++;
}
// The failure branch closes the connection without returning; stop here if so.
If (!Connection.IsOpen()) return;
// DKIM check: a failure refuses the message and bans this address.
// NOTE(review): DKIMVerify is not shown. Confirm that an unsigned message is
// not reported as a failure. Mailing lists and forwarders that modify a
// message commonly break its signature, and the address banned here would
// then be the intermediary's, not the original sender's.
If (!DKIMVerify(mMail)) {
Connection.Write(sDKIMFailedError);
Connection.Close();
dSeenHosts(sFullIPv6Address).IPBanned = True;
dSeenHosts(sFullIPv6Address).BannedDate = Now();
dSeenHosts(sFullIPv6Address).BannedTimes++;
}
// The failure branch closes the connection without returning; stop here if so.
If (!Connection.IsOpen()) return;
// Recipient check: refuse and disconnect when the recipient is not known here.
// No reputation field is touched on this path, so repeated guesses at mailbox
// names from one address go uncounted.
// NOTE(review): consider recording these rejections per host and rate-limiting them.
If (!VerifyRecepient(mMail)) {
Connection.Write(sNobodyByThatNameHereError);
Connection.Close();
}
// The rejection closes the connection without returning; stop here if so.
If (!Connection.IsOpen()) return;
// Content stage. The host's strike counter changes only when
// RunSpamScore(mMail) returns false; a message for which it returns true
// reaches neither the increment nor the decrement below.
// NOTE(review): RunSpamScore is not shown, and nothing in this listing assigns
// dSeenHosts(...).SpamScore. Presumably RunSpamScore updates it. Confirm.
If (!RunSpamScore(mMail)) {
If (dSeenHosts(sFullIPv6Address).SpamScore > iUserSpamScore) {
// Over the user's score threshold: refuse the message and count a strike.
Connection.Write(sSpamScoreExceededError);
Connection.Close();
dSeenHosts(sFullIPv6Address).TimesSpammed++;
// Ban the address once its strikes exceed the user's limit.
If (dSeenHosts(sFullIPv6Address).TimesSpammed > iUserSpamTimes) {
dSeenHosts(sFullIPv6Address).IPBanned = True;
dSeenHosts(sFullIPv6Address).BannedDate = Now();
dSeenHosts(sFullIPv6Address).BannedTimes++;
}
} Else {
// At or under the threshold: forgive one earlier strike, never going below zero.
If (dSeenHosts(sFullIPv6Address).TimesSpammed > 0) {
dSeenHosts(sFullIPv6Address).TimesSpammed--;
}
}
}
If (!Connection.IsOpen()) return;
// The connection is still open, so no check refused the message: store it,
// acknowledge receipt and hang up.
Server.Store(mMail);
Connection.Write(sMessageReceivedOK);
Connection.Close();