[Mimedefang] Greylisting Code on Wiki

David Eisner cradle at umd.edu
Tue Dec 11 17:47:06 EST 2007


I'm thinking of implementing Greylisting with MIMEDefang. I noticed a
few examples on the Wiki:

  http://www.mimedefang.org/kwiki/index.cgi?Greylisting
  http://www.mimedefang.org/kwiki/index.cgi?GreyListiningSQLite   [sic]

Is anybody using the SQLite example?  I'm a little worried about this
code, but I'm no expert, so perhaps people can allay my fears and
explain why I'm wrong:

1. As has been pointed out on the Wiki page, the first example, which
uses Berkeley DB, doesn't lock the DB before using it.  This doesn't
inspire confidence in either example.

2.  Both versions (Berkeley DB and SQLite) use a "%Greylistpassed" hash
to remember if a particular $MsgID has already passed so that, when this
$MsgID is seen again (for another recipient, presumably) it isn't
tempfailed again.  However, in the SQLite version, %Greylistpassed is
never set, but only read.  This looks like an oversight, which makes me
wonder whether the Berkeley DB version was translated to the SQLite
version as an exercise, but not really tested.

3. The code uses percent_encode_for_graphdefang() at one point, even
though this appears to be an internal implementation detail of
mimedefang.pl, and not part of the public API.

4. As I understand it, a common Greylisting setup is that once a
particular (MTA IP, envelope sender, envelope recipient) triple has
allowed mail to pass, the triple is auto-whitelisted for some period of
time (a month say).  In this way, future messages with that triple
aren't tempfailed.  However, the example code deletes the triple from
the database after a message is passed, so that subsequent messages with
that triple will be tempfailed again. 

5. The SQLite version makes a DBI->connect() call every time
filter_recipient() is called.  Isn't this something that would normally
be done inside filter_initialze()? 

If you do greylisting with MIMEDefang, and you're not using the Wiki
code, what do you use (other than CanIt :-) ?  I am aware of this magnum
opus: http://whatever.frukt.org/mimedefangfilter.text.shtml, which I'll
slog through if I have to.  Any others?

Thanks.

-David

-- 
David Eisner  
CALCE Center    University of Maryland




More information about the MIMEDefang mailing list