Re: [exim] spammers IP ban

Página superior
Eliminar este mensaje
Responder a este mensaje
Autor: David Saez Padros
Fecha:  
A: peter
Cc: exim users
Asunto: Re: [exim] spammers IP ban
Hi !!

>>>we are doing a similar thing, but instead of having a log parser we
>>>directly insert the ip into a mysql database using exim builtin mysql
>>>support, then every 5 minutes the mysql databse is dumped into a faster
>>>cdb databse which is used by exim.
>>
>>I'm curious. Doesn't a few writes to the relational database take
>>much longer
>>than the time gained by reading from the cdb file? I'm not saying this
>>is a bad technique. I'm just curious if I'm thinking correctly.


one thing has nothing to do with the another one, once a host is
blacklisted (in the worse case it will produce 3 or 5 writes between
the first detection and the time it's available on the cdb database)
it will not produce more database writes, and it could be rejected
lots of times. We blacklist everyday about 30000 new hosts and we
reject almost 800000 connections from blacklisted hosts. Inserting
30000 registers in a mysql database per day is not a problem,
altough i will personally prefer to have a way (without forking
another process) to insert registers into a ndbm like database.

> That would be my worry, too, along with the (certain) delays and
> (possible) erroneous results when the MySQL connection isn't
> available. Hence my use of the log-scraping technique to take the
> database writes out of the critical path.


is faster to directly write to mysql instead of parsing the log,
specially if the log file is very big, the mysql connection is
done to localhost so there are no connection problems (you can
also use delayed inserts to speed up things). Having the data in
mysql also gives some extra features if you want to do later some
statistics, expire blacklist status, allow your users to whitelist
a badly whitelisted host, etc ...

Anyway if you use a log parser then it would be better to directly
write to a db like dbm that could be read faster by exim than adding
it to a mysql database and then building a text file which is very
slow for exim to parse.

--
Best regards ...

----------------------------------------------------------------
    David Saez Padros                http://www.ols.es
    On-Line Services 2000 S.L.       e-mail  david@???
    Pintor Vayreda 1                 telf    +34 902 50 29 75
    08184 Palau-Solita i Plegamans   movil   +34 670 35 27 53
----------------------------------------------------------------