[Mimedefang] Greylisting a relay/email
Oliver Schulze L.
oliver at samera.com.py
Thu Aug 9 18:09:39 EDT 2007
Hi,
I read the excellent post from David about using a tuple of data to identify
and greylist an email.
My question is about identifying the email and about greylisting a relay or
only a unique email comming from that relay.
Options to tempfail an email:
- on first spam received, greylist the relay IP and all emails comming
from that relay
- on first spam received, greylist the email asociating the email to the
relay. Tempfail
all conections comming from that IP only if the relay is sending the
same email.
Also, I was thinking of using this info to uniquely identify and email:
subject, size, from, recipients, relay_ip
Doing a md5 sum of the entire email will help? Or will load the server
too much?
I have done some md5 test and it can indeed identify the same email, no
header
modification is done in the remote server, but maybe botnets can change
header info.
Many thanks
Oliver
--
Oliver Schulze L. | http://tinymailto.com/oliver
Asuncion - Paraguay | http://www.solojuegos.mobi
More information about the MIMEDefang
mailing list