Re: [exim] Greylisting Within Exim Using Memcached

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Dave Evans
Date:  
À: exim-users
Sujet: Re: [exim] Greylisting Within Exim Using Memcached
On Fri, Aug 28, 2009 at 04:03:58AM +0000, Duane Hill wrote:
> I have greylisting set up in Exim without the need for anything external.
> It doesn't have any allowances for bypassing yet as that is trivial at
> this point. It is the last thing I have configured in acl_smtp_rcpt before
> the explicit accept. I understand the implementation only allows the
> possibility for using one Memcached server. I wouldn't mind if anyone
> would like to offer any constructive criticism and/or ways to clean up the
> implementation. The configuration can be found here:
>
>      http://mail.yournetplus.com/d.hill/exim-greylist-memcached.conf


First impressions...

I'd be wary of using memcached for greylisting. Since there's no
guarantee that anything you put into the cache will come out again, so any
memcached-using app should degrade gracefully if that happens. Arguably,
yours doesn't; if memcached keeps failing to return what was put in, then
you'll defer forever, which you don't want.

That said:

- only works for IPv4, of course
- all that mucking about with octets can probably be made a lot simpler by
using ${mask:
- since you're injecting keys straight into a memcached command string you
should be extra careful about the format of the keys. Currently I think
your keys can contain spaces (i.e. if the sender and/or recipient contain
spaces), which I think would be a Bad Thing.
- is ${if match{$acl_c_memcache_value}{\N^$\N}}
equivalent to ${if eq{$acl_c_memcache_value}{}} ?

Regards,

--
Dave Evans
http://djce.org.uk/
http://djce.org.uk/pgpkey