Re: [exim] Still a noob, but slowly improving. Greylisting …

Top Page
Delete this message
Reply to this message
Author: Jaye Mathisen
Date:  
To: John W. Baxter
CC: exim-users
Subject: Re: [exim] Still a noob, but slowly improving. Greylisting with SMTP AUTH.
Sure, but that really is beside the point.

If you have a server that is publicly available that uses SMTP-AUTH,
then for spammers that connect to it directly, are they disco'd, because they
didn't use smtp-auth, so greylisting doesn't become an issue?

And if it doesn't, then for your normal user that connects, authenticates, is the
greylisting process bypassed?

It could be there's something I don't understand in this whole picture, which certainly
wouldn't be the first time.

On Tue, May 17, 2005 at 01:59:33PM -0700, John W. Baxter wrote:
> Depends on what host name they try to connect to. The two most obvious ones
> don't run mail servers (and one of those is blocked for incoming port 25 at
> the firewall). The firewall keeps many of the others isolated from port 25
> connections from the world.
>
> --John
>
>
> On 5/17/05 1:05 PM, "Jaye Mathisen" <mrcpu@???> wrote:
>
> > I can see this, but what about hosts that ignore MX records and
> > just connect direct?
> >
> >
> > On Tue, May 17, 2005 at 01:26:37PM -0700, John W. Baxter wrote:
> >> On 5/17/05 12:53 PM, "Jaye Mathisen" <mrcpu@???> wrote:
> >>
> >>> I've been reading on greylisting, and thinking about integrating
> >>> it.
> >>>
> >>> However, one question sticks in my head, if you authenticate auser via
> >>> some SMTP-AUTH method, then is grey-listing bypassed?
> >> Not an issue here, as the Exim instances that customers talk to are separate
> >> from the MX that the world talks to.
> >>
> >>>
> >>> I was also thinking about going to really short intervals. Like 5 minutes.
> >>
> >> We use a Python daemon we wrote here (which tracks using a MySQL database).
> >> Exim gets a simple ACCEPT or DEFER back from the daemon, and acts
> >> accordingly. (Mostly at RCTP TO: time, but we defer the <> sender and some
> >> others to DATA time for greylisting (to avoid issues with those doing
> >> callbacks), and we have whitelisting in a database with fairly fine-grained
> >> control (not quite fine enough, unfortunately)).
> >>
> >> Keeps a lot of messages out of our system (including the new Sober), and the
> >> drivel that the machines infected with the new Sober are now spewing out.
> >>
> >> A process runs every 5 minutes to clean up the database.
> >>
> >> The separate daemon is much easier than trying to make Exim make the
> >> decisions.
> >>
> >> --John
> >>
> >>
> >>
> >> --
> >> ## List details at http://www.exim.org/mailman/listinfo/exim-users
> >> ## Exim details at http://www.exim.org/
> >> ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
> >>
> >>
> >>
> >>
>
>
>
> --
> ## List details at http://www.exim.org/mailman/listinfo/exim-users
> ## Exim details at http://www.exim.org/
> ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
>
>
> !DSPAM:428a5623708051190011448!
>