--- sendmail/srvrsmtp.c.orig	2015-03-18 07:47:12.000000000 -0400
+++ sendmail/srvrsmtp.c	2016-06-12 18:36:01.372172000 -0400
@@ -832,6 +832,9 @@
 	int n_badrcpts_adj;
 #endif /* _FFR_BADRCPT_SHUTDOWN */
 
+#ifdef USE_BLACKLIST
+	int fd;
+#endif
 	SevenBitInput_Saved = SevenBitInput;
 	smtp.sm_nrcpts = 0;
 #if MILTER
@@ -1328,6 +1331,9 @@
 					  (int) tp.tv_sec +
 						(tp.tv_usec >= 500000 ? 1 : 0)
 					 );
+#ifdef USE_BLACKLIST
+				blacklist_notify(1, fd, "pre-greeting traffic");
+#endif
 			}
 		}
 	}
@@ -1723,6 +1729,10 @@
 			{
 				/* not SASL_OK or SASL_CONT */
 				message("535 5.7.0 authentication failed");
+#ifdef USE_BLACKLIST
+				fd = sm_io_getinfo(InChannel, SM_IO_WHAT_FD, NULL);
+				blacklist_notify(1, fd, "AUTH FAIL");
+#endif
 				if (LogLevel > 9)
 					sm_syslog(LOG_WARNING, e->e_id,
 						  "AUTH failure (%s): %s (%d) %s, relay=%.100s",
@@ -3524,6 +3534,10 @@
 			if (++n_badcmds > MAXBADCOMMANDS)
 			{
   stopattack:
+#ifdef USE_BLACKLIST
+				fd = sm_io_getinfo(InChannel, SM_IO_WHAT_FD, NULL);
+				blacklist_notify(1, fd, "too many bad commands");
+#endif
 				message("421 4.7.0 %s Too many bad commands; closing connection",
 					MyHostName);