Re: [exim] greylisting

Página superior
Eliminar este mensaje
Responder a este mensaje
Autor: Eduardo M KALINOWSKI
Fecha:  
A: exim-users
Asunto: Re: [exim] greylisting
On Seg, 08 Jun 2009, David Woodhouse wrote:
> I'd suggest reading http://wiki.exim.org/SimpleGreylisting -- the prose
> sets out some things that you may want to think about regardless of
> which greylisting implementation you use, and then there's an example
> Exim configuration which shouldn't suffer most of the stupid problems
> that postgrey does.


Thanks for the link. I already had selective greylisting implemented
in my exim (using another database recipe I found somewhere), but this
implementation is simpler and more straightforward. I've just
implemented it.

One thing that struck me is: once a greylisted message is seen again
and accepted (because the delay is over), couldn't its entry be
removed from the greylist table? It will eventually be removed 7 days
later from the cron script, but couldn't it be removed with something
like this:

   # The message was listed but it's been more than five minutes.  
Accept it now and whitelist
   # the _original_ sending host by its { IP, HELO } so that we don't  
delay its mail again.
   warn set acl_m_orighost = ${lookup sqlite {GREYDB SELECT host FROM  
greylist \
                                 WHERE  
id='${quote_sqlite:$acl_m_greyident}';}{$value}}
        set acl_m_orighelo = ${lookup sqlite {GREYDB SELECT helo FROM  
greylist \
                                 WHERE  
id='${quote_sqlite:$acl_m_greyident}';}{$value}}
        set acl_m_dontcare = ${lookup sqlite {GREYDB INSERT INTO resenders \
                                 VALUES ( '$acl_m_orighost', \
                                          '${quote_sqlite:$acl_m_orighelo}', \
                                          '$tod_epoch' ); }}
        set acl_m_dontcare = ${lookup sqlite {GREYDB DELETE FROM greylist \
                                 WHERE id='${quote_sqlite:$acl_m_greyident}';}}
        logwrite = Added host $acl_m_orighost with HELO  
'$acl_m_orighelo' to known resenders


     What do you guys think? Is it worth it? Or it is better to leave  
old entries (retried or not) to be bulk deleted from cron?



--
Eduardo M KALINOWSKI
eduardo@???