Re: [exim] Still a noob, but slowly improving. Greylisting …

Top Page
Delete this message
Reply to this message
Author: John W. Baxter
Date:  
To: exim-users
Subject: Re: [exim] Still a noob, but slowly improving. Greylisting with SMTP AUTH.
Depends on what host name they try to connect to. The two most obvious ones
don't run mail servers (and one of those is blocked for incoming port 25 at
the firewall). The firewall keeps many of the others isolated from port 25
connections from the world.

--John


On 5/17/05 1:05 PM, "Jaye Mathisen" <mrcpu@???> wrote:

> I can see this, but what about hosts that ignore MX records and
> just connect direct?
>
>
> On Tue, May 17, 2005 at 01:26:37PM -0700, John W. Baxter wrote:
>> On 5/17/05 12:53 PM, "Jaye Mathisen" <mrcpu@???> wrote:
>>
>>> I've been reading on greylisting, and thinking about integrating
>>> it.
>>>
>>> However, one question sticks in my head, if you authenticate auser via
>>> some SMTP-AUTH method, then is grey-listing bypassed?
>> Not an issue here, as the Exim instances that customers talk to are separate
>> from the MX that the world talks to.
>>
>>>
>>> I was also thinking about going to really short intervals. Like 5 minutes.
>>
>> We use a Python daemon we wrote here (which tracks using a MySQL database).
>> Exim gets a simple ACCEPT or DEFER back from the daemon, and acts
>> accordingly. (Mostly at RCTP TO: time, but we defer the <> sender and some
>> others to DATA time for greylisting (to avoid issues with those doing
>> callbacks), and we have whitelisting in a database with fairly fine-grained
>> control (not quite fine enough, unfortunately)).
>>
>> Keeps a lot of messages out of our system (including the new Sober), and the
>> drivel that the machines infected with the new Sober are now spewing out.
>>
>> A process runs every 5 minutes to clean up the database.
>>
>> The separate daemon is much easier than trying to make Exim make the
>> decisions.
>>
>> --John
>>
>>
>>
>> --
>> ## List details at http://www.exim.org/mailman/listinfo/exim-users
>> ## Exim details at http://www.exim.org/
>> ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
>>
>>
>> !DSPAM:428a4e66472017933015357!
>>