Re: little spamd improvement for greylisters (was: Spamd observations), lucky.openbsd.tech forums, OpenBSD category
Previous diff had a problem, and missed usage() changes (thanks jmc). I'd really like a couple more spamd greylisters to try this.

On a really big site here, while this has doubled my number of simultaneous connections (due to the 10 second delay at the start), it has reduced my average greylist size by about 1/3 to 1/2 - many spammers simply disconnect and give up if they think you're a tarpit.

You probably want to try this, folks. When combined with some cleverly chosen spamtraps as well, my active greylist on this machine dropped from averaging 40,000 to 50,000 entries down to 10,000 to 15,000 entries. (and 5,000 to 9000 "Trapped" hosts over a day)

-Bob

Index: spamd.8 ================================================== ================= RCS file: /cvs/src/libexec/spamd/spamd.8,v retrieving revision 1.53 diff -u -r1.53 spamd.8 --- spamd.8 2005/03/11 23:09:53 1.53 +++ spamd.8 2005/04/13 22:03:21 @@ -39,6 +39,7 @@ .Op Fl n Ar name .Op Fl p Ar port .Op Fl r Ar reply +.Op Fl S Ar secs .Op Fl s Ar secs .Op Fl w Ar window .Ek @@ -108,6 +109,10 @@ .It Fl r Ar reply The SMTP error to return to the spammer, i.e. 450, 451, 550. This defaults to 450. +.It Fl S Ar secs +Stutter at greylisted connections for the specified amount +of seconds, after which the connection is not stuttered at. +Defaults to 10. .It Fl s Ar secs Delay each character sent to the client by the specified amount of seconds. Index: spamd.c ================================================== ================= RCS file: /cvs/src/libexec/spamd/spamd.c,v retrieving revision 1.75 diff -u -r1.75 spamd.c --- spamd.c 2005/03/11 23:09:53 1.75 +++ spamd.c 2005/04/13 22:03:21 @@ -132,6 +132,7 @@ int clients; int debug; int greylist; +int grey_stutter = 10; int verbose; int stutter = 1; int window; @@ -145,7 +146,7 @@ fprintf(stderr, " [-G mins:hours:hours] [-n name] [-p port]\n"); fprintf(stderr, - " [-r reply] [-s secs] [-w window]\n"); + " [-r reply] [-S secs] [-s secs] [-w window]\n"); exit(1); }
@@ -578,7 +579,7 @@ cp->af = sa->sa_family; cp->ia = &((struct sockaddr_in *)sa)->sin_addr; cp->blacklists = sdl_lookup(blacklists, cp->af, cp->ia); - cp->stutter = (greylist && cp->blacklists == NULL) ? 0 : stutter; + cp->stutter = (greylist && !grey_stutter && cp->blacklists == NULL) ? 0 : stutter; error = getnameinfo(sa, sa->sa_len, cp->addr, sizeof(cp->addr), NULL, 0, NI_NUMERICHOST); if (error) @@ -887,6 +888,11 @@ { int n; + /* kill stutter on greylisted connections after initial delay */ + if (cp->stutter && greylist && cp->blacklists == NULL && + ((t - cp->s) > grey_stutter)) + cp->stutter=0; + if (cp->w) { if (*cp->op == '\n' && !cp->sr) { /* insert \r before \n */ @@ -1001,6 +1007,12 @@ if (i < 0 || i > 10) usage(); stutter = i; + break; + case 'S': + i = atoi(optarg); + if (i < 0 || i > 90) + usage(); + grey_stutter = i; break; case 'n': spamd = optarg;
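
Review bot: the new -S entry in spamd.8 (hunk @@ -108,6 +109,10 @@) does not state the accepted range or what 0 means. The option parsing in spamd.c rejects values outside 0 to 90, and the `!grey_stutter` test at connection setup means -S 0 leaves greylisted connections unstuttered from the start, which is the behaviour before this change. Suggest documenting both, and saying that the per-character delay during those seconds is the one set by -s. "after which the connection is not stuttered at" would read better as "after which the stutter is dropped".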
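
Review bot: the rewritten `cp->stutter = (greylist && !grey_stutter && ...` assignment in the @@ -578,7 +579,7 @@ hunk of spamd.c runs past 80 columns; break it before the `?`. The test `greylist && cp->blacklists == NULL` now appears here and again in the @@ -887,6 +888,11 @@ hunk, so a one-line comment here noting that the stutter is switched off later for these connections would help a reader connect the two places.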
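
Review bot: in the @@ -887,6 +888,11 @@ hunk, `(t - cp->s) > grey_stutter` keeps the stutter until more than grey_stutter seconds have elapsed, while the spamd.8 text says it lasts "for the specified amount of seconds"; use `>=` or adjust the wording so the code and the manual agree. Style: `cp->stutter=0;` needs spaces around `=`, and the outer parentheses around the comparison are redundant.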
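
Review bot: `i = atoi(optarg)` in the new case 'S' (hunk @@ -1001,6 +1007,12 @@) cannot tell a non-numeric argument from 0, so a mistyped value passes the `i < 0 || i > 90` check and silently sets grey_stutter to 0, which disables the greylist stutter. strtonum(optarg, 0, 90, &errstr) would reject such input and replace the manual bounds test. The upper limit of 90 is also not mentioned in spamd.8.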