[Mimedefang] greylisting stats

Security security at hudakville.com
Wed Dec 10 20:28:28 EST 2003


Well, I liked David's suggestion on adding the time, which seems to make
sense.  Fortunately, its just adding one line of code to what he published!
At the bottom of this email I have my version of David's greylisting code
with the time piece added in, in case anyone is interested.

However, I have a question.  Before implementing this, I had never worked
with the Berkeley DB format before.  In reading about it, it looks to me
that you can only have one value per key.  Is that true?  If so, I would
assume that you would have to use a relational DB like MySQL in order to get
anymore.

If it isn't true how would you log, for example, the last time the triad was
used and the number of times it was used?

Tyler


sub should_greylist ($$$) {
    my($sender, $recip,$ip) = @_;
    my %hash;

    my $key = "<$ip><$sender><$recip>";

    lock_db();
    tie %hash, 'DB_File', $DBFilename;
    my $ret = ++$hash{$key};
    $hash{$key} = time;

    untie %hash;
    unlock_db();
    return ($ret == 1);
}




More information about the MIMEDefang mailing list