Re: [exim] Greylisting Within Exim Using Memcached

Page principale
Supprimer ce message
Répondre à ce message
Auteur: Duane Hill
Date:  
À: exim-users
Sujet: Re: [exim] Greylisting Within Exim Using Memcached
On Fri, 28 Aug 2009, Dave Evans wrote:

> On Fri, Aug 28, 2009 at 04:03:58AM +0000, Duane Hill wrote:
>> I have greylisting set up in Exim without the need for anything external.
>> It doesn't have any allowances for bypassing yet as that is trivial at
>> this point. It is the last thing I have configured in acl_smtp_rcpt before
>> the explicit accept. I understand the implementation only allows the
>> possibility for using one Memcached server. I wouldn't mind if anyone
>> would like to offer any constructive criticism and/or ways to clean up the
>> implementation. The configuration can be found here:
>>
>>      http://mail.yournetplus.com/d.hill/exim-greylist-memcached.conf

>
> First impressions...
>
> I'd be wary of using memcached for greylisting. Since there's no
> guarantee that anything you put into the cache will come out again, so any
> memcached-using app should degrade gracefully if that happens. Arguably,
> yours doesn't; if memcached keeps failing to return what was put in, then
> you'll defer forever, which you don't want.


I understand this.

> That said:
>
> - only works for IPv4, of course
> - all that mucking about with octets can probably be made a lot simpler by
> using ${mask:


Change has been made. That cleaned things up quite a bit.

> - since you're injecting keys straight into a memcached command string you
> should be extra careful about the format of the keys. Currently I think
> your keys can contain spaces (i.e. if the sender and/or recipient contain
> spaces), which I think would be a Bad Thing.


Why would the sender and/or recipient contain spaces? Shouldn't have Exim
dealt with this by now?

> - is ${if match{$acl_c_memcache_value}{\N^$\N}}
> equivalent to ${if eq{$acl_c_memcache_value}{}} ?


I guess it is. Change has been made.


Thanks for the overall input.