Re: [exim] Issues with greylisting - NEW IMPLEMENTATION

Inizio della pagina
Delete this message
Reply to this message
Autore: Mike Cardwell
Data:  
To: exim-users
Oggetto: Re: [exim] Issues with greylisting - NEW IMPLEMENTATION
On 28/01/2010 15:55, Alain Williams wrote:

> The recent discussion on GreyListing made me think that this is something that
> I should really to: take it out of the box marked ''do later''.
>
> I looked at the various implementations suggested for Exim and did not like
> any of them and so wrote one that is:
>
> * smaller in terms of exim.conf
> * uses an sql procedure - should be faster
>
> I have written it up at the URL below, I have put this up on a test machine and it seems
> to work.
>
> I would be grateful if this was looked at by the collected wisdom of the various readers of this list.
> I have marked it beta, I will make changes if you can see bugs or think that the documentation
> is not good enough.
>
>     http://www.phcomp.co.uk/TechTutorial/HOWTOs/GreyListing.php

>
> Notes for discussion:
>
> * It stores sending-domain&  IP address of sender.
>    If a site sends from many MTAs it will be greylisted many times.
>    The alternative would be to record then entire sender address (boo@???),
>    however I do see spam that supposedly originates from the machine that it
>    is being sent to -- so not a good idea.


Looks good. I would update the function to purge old data from the
database as well though. Something like:

DELETE FROM greylist WHERE last_received < DATE_SUB(NOW(),INTERVAL 100 DAY);

Could use RAND() to make it so that the "purge" is run only once every
100 executions or something. Something like:

IF RAND() < 0.01 THEN
    DELETE FROM greylist WHERE last_received < DATE_SUB(NOW(),INTERVAL 
100 DAY);
END IF;


-- 
Mike Cardwell    : UK based IT Consultant, Perl developer, Linux admin
Cardwell IT Ltd. : UK Company - http://cardwellit.com/       #06920226
Technical Blog   : Tech Blog  - https://secure.grepular.com/
Spamalyser       : Spam Tool  - http://spamalyser.com/