Jon_Strabala_46
May 14, 2010Nimbostratus
Want throttle or add small delay/pause to slow down SMTP connections
Hi,
My basic question is once I know I want to temporarily "block" "delay" or "pause" a connection to "slow" down a TCP (actually SMTP) connection a fixed period of time say between 100ms to 2000ms - how do I do it in an iRULE ?
Why I want to do this
I wish to implement via iRULEs a "teergube" (definition below), which would do one of the following a), b), or c) in all cases I do not know to correct why to "pause", "delay" or "block" the data transfer.
I would want to do either a), b) or c). I definitely prefer c) but every approach requires that I understand how solve the question above.
a) on each SMTP connection apply a finite delay when accepting the connection
such as 500ms (1/2 a sec).
b) on each packet (or every N bytes in a SMTP connection) apply a finite delay
better yet after 50K bytes start applying the finite delay.
c) inspect the SMTP data and for connection inspect the payload such that
each time match the following HELO or EHELO (pipelining) I could be smart
about injected delays and prevent 'spammers' from hogging bandwidth. As an
example.
1. if { [string match -nocase "MAIL FROM:*" [TCP::payload]] } {
block or pause the connection a fixed finite delay like 200ms
on occurrence 2-N this lets the first message go fast.
2. if { [string match -nocase "RCPT TO:*" [TCP::payload]] } {
block or pause the connection a fixed finite delay like 100ms
on occurrence 4-N this lets the first message go fast to a
limited number of users.
Thanks in Advance
Other
Information about what a "teergube" is - basically it seems like a way to "slow" done spammers and tie up their resources while eliminating spam:
http://www.iks-jena.de/mitarb/lutz/usenet/teergrube.en.html
http://serverfault.com/questions/60141/is-there-any-point-to-teergrubing-anymore