[Mimedefang] MimeDefang, SA, and Graylisting.

David F. Skoll dfs at roaringpenguin.com
Tue Jul 26 20:44:16 EDT 2005


Tina Marie wrote:

> If it's a virus, reject it.
> Call SA.
> If it's going to be rejected, reject it.
> If it's less than 0, deliver it.
> Otherwise, grab the IP of the machine connecting.
> Look it up in the retriedSuccessfully table.
>     If it's there, accept it, and update the time.
>     If it's not, look it up in the tempFailed table.
>         If it's there, accept it, and add it to the retriedSuccessfully
>             table.
>         If not, add it to the tempFailed table, and send a 451 to the
>             server.

In CanIt, we have a third table called "hosts_known_to_retry".  If a host
retries a mail for sender X and recipient Y, it is *extremely* likely
to retry for any combination in the future, so we turn off greylisting
for that host for 40 days.  This greatly mitigates the impact of
greylisting, and also makes the folks at AOL, Hotmail and Yahoo a lot
friendlier towards you. :-)

> This seems like a very lightweight implementation.  I'm a little
> concerned about corner cases - what about server farms, where
> mx1, mx2...mx125 all send out data?

We only consider the first three octets of the IP address.  Most server
farms are on a single class C network.

> How expensive is a mySQL connection?

Pretty cheap.

> I don't have a way to
> keep them around between emails,

Sure you do.  Why not?  Just have a wrapper that stores the DB handle
in a global variable; the connection will survive for the lifetime of
the slave.

Regards,

David.
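
The scheme discussed in this thread, as an added Python sketch that is not code from the post, from CanIt, or from MIMEDefang: a tempfail table, a "hosts_known_to_retry" table that switches greylisting off for 40 days once a host retries, keys built from the first three octets, and a database handle cached in a global. Assumptions: sqlite3 in memory stands in for MySQL, the schema and function names are hypothetical, tempfails are keyed on (network, sender, recipient), and no minimum retry delay is enforced.

```python
import ipaddress
import sqlite3
import time

EXEMPT_SECONDS = 40 * 86400   # the 40-day exemption from the post
_dbh = None                   # cached handle, lives as long as the process

def db():
    """Return the cached connection, opening it on first use only."""
    global _dbh
    if _dbh is None:
        _dbh = sqlite3.connect(":memory:")   # stand-in for MySQL
        _dbh.executescript("""
            CREATE TABLE tempfailed (net TEXT, sender TEXT, rcpt TEXT,
                first_seen INTEGER, PRIMARY KEY (net, sender, rcpt));
            CREATE TABLE hosts_known_to_retry (net TEXT PRIMARY KEY,
                expires INTEGER);
        """)
    return _dbh

def net_key(ip):
    """First three octets of an IPv4 address; ValueError if malformed."""
    return str(ipaddress.IPv4Address(ip)).rsplit(".", 1)[0]

def greylist(ip, sender, rcpt, now=None):
    """Return 'accept' or 'tempfail' (the caller issues the 451)."""
    now = int(time.time()) if now is None else now
    net, dbh = net_key(ip), db()
    row = dbh.execute("SELECT expires FROM hosts_known_to_retry WHERE net = ?",
                      (net,)).fetchone()
    if row and row[0] > now:
        return "accept"       # network already proved that it retries
    triplet = (net, sender, rcpt)
    seen = dbh.execute("SELECT 1 FROM tempfailed "
                       "WHERE net = ? AND sender = ? AND rcpt = ?",
                       triplet).fetchone()
    if seen:
        # The retry arrived: exempt the whole network for 40 days.
        dbh.execute("INSERT OR REPLACE INTO hosts_known_to_retry VALUES (?, ?)",
                    (net, now + EXEMPT_SECONDS))
        dbh.execute("DELETE FROM tempfailed "
                    "WHERE net = ? AND sender = ? AND rcpt = ?", triplet)
        dbh.commit()
        return "accept"
    dbh.execute("INSERT INTO tempfailed VALUES (?, ?, ?, ?)", triplet + (now,))
    dbh.commit()
    return "tempfail"
```
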


