[Mimedefang] Greylisting?
David F. Skoll
dfs at roaringpenguin.com
Sat Aug 13 20:49:07 EDT 2005
John Rudd wrote:
> Has anyone done a grey-listing setup using mimedefang?
Yes. Our commercial CanIt software includes greylisting.
> It seems like
> filter-sender would be the ideal place to do it.
Actually, filter_recipient, if you want to take into account the recipient
as well. Or filter_end if you don't want to run into trouble with semi-broken
MTAs that panic if all RCPT commands are tempfailed.
> instead, I'll be using a directory, where files have filenames of
> the form sender:relay,
Be sure to sanitize the sender address. You want to be careful not
to let an attacker create files with arbitrary names (especially names
containing ..)
> Does the implementation (with files instead of an actual database) seem
> like it will cause too many problems?
It seems a bit awkward to me. Why not use a Berkeley DB file and the
Perl DB_File module? Then you just tie a hash to the DB file and
(from Perl's viewpoint) everything is just a hash access.
By the way, you're posting from "john at rudd.cc" and I'm getting an SPF failure
because your posting host is b.mail.sonic.net but your SPF record reads:
rudd.cc TXT "v=spf1 a -all"
If you're going to publish SPF records, at least use them properly!
Your messages are getting trapped by our CanIt system because of the
SPF failures. At some point, I will tire of releasing them...
Regards,
David.
More information about the MIMEDefang
mailing list