Re: [exim] greylisting builtin to exim?

トップ ページ
このメッセージを削除
このメッセージに返信
著者: W B Hacker
日付:  
To: exim-users
題目: Re: [exim] greylisting builtin to exim?
Jeremy C. Reed wrote:

> Has there been any discussion of patching exim to add greylisting support
> (so outside programs are not needed)?


There has been a good deal of discussion - most of it
concentrated about a year back.

I'm not the 'oracle' but I did not see any trend toward
incorporating and of the several greylisting methds into Exim to
any greater degree than it can already support.

>
> I understand that exim can insert mysql (or postgres) records.
>


It can do so, but seldom is asked to.

> But also needed would be a way for Exim to keep time and expire the
> greylisted entries. (Or is that already doable?)
>


Very little extra is needed. One of the simpler SQL tools was
published by Tollef Fog Heen, works with either MySQL or
PostgreSQL. As soem form of DB is needed, and these are
well-supported, they are also used in conjuntion with Exim to
manage timestamp nd expiration/adjustment.

Ater 'embellishing' these, it was found (here, at least) that
the protool checking tools in Exim were so effective there
remained little point in greylisting.

IOW - spam is not so 'grey' after all - but more often black or
white.

> Also, it would be interesting to have greylisting within exim so you could
> choose when it is used based on the dialog or host.
>


I would not expect that to be getting much attention, if any.

IMNSHO, the times and places where greylisting actually has an
advantage over simpler methods are probably quite specific to
minority environments.

> Until then, an outside tool can expire entries.
>
> Any examples on doing a greylist within exim without SQL server (like a
> cdb, dbm, or sqlite)?
>


There were at least two methods coded in perl, which, AFAIK, can
work with other-than-SQL DB's as easily as SQL.

> It could be useful to integrate greylisting with the great Exim filter.
> Maybe something like expiring greylists based on the filter rules.
>
> Jeremy C. Reed


It could be done.

I doubt it would be any more useful integrated than not, as I
don't think I am alone in observing that greylisting has limited
utility if one is doing all else effectively.

>
> p.s. Anyone using spamd spam deferral daemon and available to review a
> chapter I am writing about it?
>


We've tried delays and such, as well as *listing, and
teergrubbing, but have found no point to keeping spam around to
toy with, nor in keeping connections open needlessly, when it
can be immediately dumped during smtp and the 10% stragglers
whacked with SA.

YMMV,

Bill