----- Original Message ----- > From: "Christian Kivalo" <ml+postfix-us...@valo.at> > To: postfix-users@postfix.org > Sent: Saturday, January 23, 2016 2:56:25 PM > Subject: Re: Postfix Postscreen Pregreet Test
> Am 23. Jänner 2016 04:30:02 MEZ, schrieb Nguyen Nang Thang > <than...@iwayvietnam.com>: >>----- Original Message ----- >>> From: "Wietse Venema" <wie...@porcupine.org> >>> To: "Postfix users" <postfix-users@postfix.org> >>> Sent: Saturday, January 23, 2016 9:57:40 AM >>> Subject: Re: Postfix Postscreen Pregreet Test >> >>> Nguyen Nang Thang: >>>> > Postfix sends: >>>> > >>>> > 220-myhostname ESMTP >>>> > >>>> > Postfix waits $postscreen_greet_wait seconds. >>>> > Bad SMTP clients will greet before $postscreen_greet_wait seconds >>>> > have passed. >>>> > >>>> > 220 myhostname ESMTP >>>> > >>>> > Good SMTP clients will greet now. >>>> >>>> Wietse: >>>> Thanks for your detailed explain. Can you suggest me technical ways >>to manually >>>> test Bad SMTP clients >>>> that greet before $postscreen_greet_wait seconds have passed? >>> >>> echo whatever | nc host 25 >> >>Wietse: >>I dit my test as below: >># nc localhost 25 < /tmp/postscreen-greet-wait.txt >>The output: >>220 gw.mydomain.com ESMTP Postfix (2.10.1) >>250 2.1.0 Ok >>250 2.1.5 Ok >>354 End data with <CR><LF>.<CR><LF> >>250 2.0.0 Ok: queued as 35CA025E69 >> >>The postfix/postcreeen log does not show info "PREGREET count after >>time from [address]:port text...", >>test message delivered normally (expect: test message prevented by >>postscreen). >>So, is there another way to quickly make smtp connection via "nc" or >>another tool to test the parameter >>"postscreen_greet_wait"? > Do this test from a different device. You probably have localhost in > mynetworks > and have configured >> postscreen_access_list = permit_mynetworks, >> cidr:/etc/postfix/postscreen_access.cidr Christian & Wietse: I've tested successfully the parameter "postscreen_greet_wait" of postscreen as Christian & Wietse's suggestions. Here is the experience: * Shoud test from a different device/host * Technical way to test the parameter "postscreen_greet_wait" via the tool "nc" and "echo": $ echo "Hello. I'm spambot" | nc host 25 Here is the log to show that the parameter "postscreen_greet_wait" works fine: Jan 23 15:09:17 gw postfix/postscreen[8783]: PREGREET 19 after 0 from [IP]:Port: Hello. I'm spambot\n Jan 23 15:09:18 gw postfix/postscreen[8783]: BARE NEWLINE from [IP]:Port after Hello. I'm spambot Jan 23 15:09:18 gw postfix/postscreen[8783]: HANGUP after 0 from [IP]:Port in tests after SMTP handshake Jan 23 15:09:18 gw postfix/postscreen[8783]: DISCONNECT [IP]:Port Note: I have my localhost and my LAN subnet in mynetworks and have configured, so my tests before did not work as expected. Thanks. Regards, N. Thang
