Re: [exim] greylisting

Kezdőlap
Üzenet törlése
Válasz az üzenetre
Szerző: Chris Wilson
Dátum:  
Címzett: exim-users
Tárgy: Re: [exim] greylisting
Hi Ted,

On Sat, 5 Jun 2010, Ted Cooper wrote:

> I know they've been posted a few times, but could everyone who has
> published a greylist solution please reply to this message with details
> about it. If there are some new ones I wouldn't mind adding them to the
> wiki this weekend.


The one that I wrote and use is presented here:

http://www.exim-new-users.co.uk/Chris-Wilson-Aptivate-Reducing-Spam.pdf

(from page 12 of the PDF)

It's based on "Greylisting with MySQL and Exim" which used to be available
from [http://theinternetco.net/projects/exim/greylist], but seems to have
disappeared.

Compared to "Simple Greylisting with Exim", I find it more scalable (since
it uses MySQL instead of SQLite) and simpler to implement.

I also recommend applying to Jaco Kroon to join his distributed greylist
system, for faster whitelisting of hosts known to pass greylisting:

http://www.mail-archive.com/exim-users@exim.org/msg33805.html

> A recent bug entry on bugzilla asked if there was a solution that is
> capable of working on the network with many exim machines talking to a
> single daemon/database without flooding it with SQL. I would imagine
> something that used a dlfunc, perlfunc or readsocket would be
> appropriate.


Wait, what? What flooding? If two SQL statements per email is really so
terrible (and I really doubt it) then you could use MySQL (without wanting
to get into a religious war) with a read-only local copy of the database
replicating from a writable master that's used for INSERT and UPDATE
operations. But since you probably want to update the database on every
successful message at least, I don't think it's worth the complexity.

Or you could use DNS as your database and send a zone update for
new entries and greylist passes :)

I certainly don't think it's worth writing a C module for. Have they even
benchmarked their "problem"?

Cheers, Chris.
-- 
_ ___ __     _
  / __/ / ,__(_)_  | Chris Wilson <0000 at qwirx.com> - Cambs UK |
/ (_/ ,\/ _/ /_ \ | Security/C/C++/Java/Perl/SQL/HTML Developer |
\ _/_/_/_//_/___/ | We are GNU-free your mind-and your software |