Re: [exim] Extremely Simple(?) greylisting with exim?

Top Page
This message is part of the following thread:
M---\the complete thread tree sorted by date
M--\MJawaid Bazyar at <-
M+\MMMarc Perkel at ->
Delete this message
Reply to this message
Author: Chad Leigh
Date:  
To: exim users
Subject: Re: [exim] Extremely Simple(?) greylisting with exim?

On Dec 26, 2006, at 8:11 AM, Marc Perkel wrote:

> Here's a really simple solution to simple greylisting. Define 3 MX
> records. Point the lowest and highest to dead IP addresses. Only the
> middle one works. It will delay normal email about 30 seconds to one
> minute when the MTA times out on the lowest MX. Requires no coding
> at all.

I am not sure I would do that for any server that hosts a wide
variety of email accounts, since the number of people sending you
mail who may have screwed up MTAs may catch you up in a customer
feedback complaint loop.

However, I did implement this partially based on other things Marc
has said. I set up two low priority MX hosts that are virtual hosts
on the same machine as the normal mailhost. These lower priority
ones automatically defer everything that hits them. The highest
priority MX is full functional and sometimes there is a full
functional second highest, so these "defer everything" ones are
either #2 and #3 or #3 and #4. I am not keep statistics that show if
attempts to contact these low priority MX hosts result in retires to
the higher priority, but a cursory examination of the logs did not
show anything like that, so it seems to be a good way to cheaply get
rid of some zombie bot type spam attempts who attack lower priority
MXs in the belief that defenses may be lower on them. I had a
surprisingly high number of attempts to use these secondary MXs that
defer considering the main mail server has been up 100% throughout
this time (considering they are on the same HW, it is a good chance
it will always be up when the secondaries are up barring some SW
issues).

I do greylisting use Marc Merlin's sa-exim with his greylisting
module added. The load on my backend SA server has gone down as well
so this secondary MX things seems to be OK so far. No customers are
complaining about missing mail.

Chad

---
Chad Leigh -- Shire.Net LLC
Your Web App and Email hosting provider
chad at shire.net



---
Chad Leigh -- Shire.Net LLC
Your Web App and Email hosting provider
chad at shire.net





This message was posted to the following mailing lists:
Exim-users
Mailing List Info | Nearby Messages		<-Re: [exim] mysql_servers expansion[exim] replace Received: from->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)