Forum Discussion
Jon_Strabala_46
May 18, 2010Nimbostratus
Aaron,
> As TMM is single threaded, if you could add delay to connections, it would affect all connections
> that the TMM instance is handling. So there isn't a practical way to accomplish exactly what you've
> described.
What about pausing while processing a connections data in a later iRULE clause CLIENT_DATA e.g. after a TCP:collect or is this also single threaded - just curious.
I know I could just redirect the connection into a "tar pit" e.g. a 'C' based SMTP proxy that limits the bandwidth (and also records / logs information about the spammer) but thought that maybe the F5 could do it all.
> I wonder if you could use rate classes to do this to some extent though:
>
>
I was just hoping that there was something like "yeild( millisecs)", so I will look into the applying a rate class and only to 'spamming connections'
Hamish
I do indeed understand that postfix and sendmail have extensive options that can be used to do what I am attempting e.g. down spammers. I also understand that I do not what to apply the slowdown to everyone.
Please also understand that the F5 is used "backwards" for an Mobile ISP thus it fronts hundreds of different unknown types of mail servers (and of course none of them are under the ISP's control).
My iRULE right now analyzes the connection frequency and pattern and pretty much knows which connection is a spammer - right now I drop all SMTP spam connect - but what I wanted to play with was slowing them down to a trickle. According to Aaron (see first part of this reply) it seems like I have to use a rate class.
Thanks for your responses.
Jon Strabala