On Sat, Jun 21, 2003 at 12:44:56AM +0200, Sheldon Hearn wrote:
> Anyone working on a Greylisting implementation for Exim?
> http://projects.puremagic.com/greylisting/
> I'm swamped right now, but this looks like a really cool idea.
I hate to say it, but there's massive prior art in this.
http://www.chiark.greenend.org.uk/~ian/sauce/
The technique is very effective, and I've been running it for well over
2 years. I believe Ian has been running it for longer than that. It's
even mentioned in Ross Anderson's Security Engineering book (with a ref
of Ian Jackson, pers.comm.)
With the current ACL set, it should possible to write something like this.
You probably have to store your state in a similar way to the way in
which my old exim 3 mailfilter (
http://colondot.net/mbm/mailfilter.shtml)
did. In reality you need a better way of storing the state, so that you
can update it in a sensible way. Possibly hooking it onto a SQL database
backend, and executing "lookups" which do "UPDATE" SQL commands would be
the way to do it.
FWIW, the first time I see a host, it gets delayed for 4h (unless it's
to a specific set of addresses), and the first time I see a new
host/sender pair, it gets delayed for 1h.
MBM
--
Matthew Byng-Maddick <mbm@???> http://colondot.net/
