[Mimedefang] Greylist DB addition fails silently?
Paul Murphy
pmurphy at ionixpharma.com
Wed Jun 23 12:09:27 EDT 2004
Hi,
I've been running Jonas' greylisting code from
http://whatever.frukt.org/mimedefang-filter.shtml#mimedefang-filter for some
time with good experiences to date - greylisting cuts out something like 95% of
spam without any scanning overhead, although I've discovered some badly behaved
mail systems which see a 4xx temporary failure as a permanent fail and never try
again.
Today I noticed that one address in particular was continually trying to send to
a user here, and was always being failed by the greylist functions. The log
file showed the IP/sender/recipient triplet as new every time.
Having used some scripts to search the DB, there are definitely no entries in
the DB for this triplet, or indeed any triplets containing the sender e-mail
address.
I wrote a script to add an entry to the database. It ran, and reported that it
had successfully written the record, but on a search immediately afterwards, no
record was found. I changed the DB filename to /tmp/test, and it worked OK...
Has anyone else seen problems in DB_File silently dropping inserted data? I'm
running Debian/Testing, kernel 2.4.26-1, libberkeleydb-perl 0.25.1, libdb4.1
4.1.25-17 (although 4.2.52-16 is also on the system) and Perl 5.8.3-3 on Intel.
My search and insert programs are shown below for reference:
New.pl:
#==============================================================
#!/usr/bin/perl -ws
#
use DB_File;
use Fcntl ':flock';
my $ip = $ARGV[0];
my $rstsender = $ARGV[1];
my $rstrecip= $ARGV[2];
my $now = time();
#my $DBFilename='/tmp/test';
my $DBFilename='/var/spool/MIMEDefang/.greylistdb';
sub lock_db () {
open(LOCKFILE, ">>$DBFilename.lock") or return 0;
flock(LOCKFILE, LOCK_EX);
return 1;
}
sub unlock_db () {
flock(LOCKFILE, LOCK_UN);
close(LOCKFILE);
unlink("$DBFilename.lock");
return 1;
}
#print "Sender=$rstsender, Recip=$rstrecip\n";
my %GDB;
lock_db();
if (tie(%GDB,'DB_File',$DBFilename,O_RDWR|O_CREAT,0600))
{
my $key = "I:<$ip><$rstsender><$rstrecip>";
my $data = $GDB{$key};
if (! $data)
{
$GDB{$key} = join(';',$now-120,$now,$now-120,$now,99,$ip,$rstsender,$rstre
cip,"");
print "Adding record for $ip, $rstsender, $rstrecip\n";
}
else
{
print "record already exists\n";
}
untie %GDB;
unlock_db();
}
else
{
print "Error in tie-ing database\n";
}
1;
#==============================================================
Search.pl:
#==============================================================
#!/usr/bin/perl -ws
#
use DB_File;
use GD::Graph::pie;
my $search = $ARGV[0];
my $now = time();
#print "Sender=$rstsender, Recip=$rstrecip\n";
my %GDB;
if (tie(%GDB,'DB_File','/var/spool/MIMEDefang/.greylistdb',O_RDWR,0600))
{
foreach my $key ( keys %GDB)
{
my $data = $GDB{$key};
if ($data)
{
my ($created,$modified,$reset,$accepted,$count,$ip,$sender,$recipient,$x)
= split(/;/,$data,9);
if ( lc($sender)=~ /$search/i || lc($recipient)=~ /$search/i )
{
print "Key: $key\nData: $data\n";
}
}
}
untie %GDB;
}
1;
#==============================================================
Best Wishes,
Paul.
__________________________________________________
Paul Murphy
Head of Informatics
Ionix Pharmaceuticals Ltd
418 Science Park, Cambridge, CB4 0PA
Tel. 01223 433741
Fax. 01223 433788
_______________________________________________________________________
DISCLAIMER:
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to which they
are addressed. If you have received this email in error please contact
the sender or the Ionix IT Helpdesk on +44 (0) 1223 433741
_______________________________________________________________________
More information about the MIMEDefang
mailing list