[Mimedefang] Greylisting netmask
Jeff Rife
mimedefang at nabs.net
Sat Feb 3 21:48:08 EST 2007
I'm starting down the "roll my own" greylisting track, and I'm curious
what other people use for a netmask in comparing IP addresses in the
list.
Currently, I use milter-greylist (which is an excellent product...I
just want more integration with my other policy), and its default is to
use a /24 netmask when comparing IPs.
I've been using /28 for nearly a year now, and it seems fine, with
nothing slowed down too much. Of course, I do use a whitelist for the
well-known large providers (Yahoo, AOL, MSN, etc.).
Also, it's not hard to store the IP/from/to tuple for each connection
in a database, but all the ideas I have for storing whitelist
information in the database seem a bit dodgy, as all the sources of
whitelist data use netmasks. Storing this isn't really the issue...it's
the fact that you can't use this to directly query the database, and so
performance can be poor.
The only real idea I had was to query for something along the lines of
the following, if the currently connecting IP was 192.168.1.25:
SELECT * FROM greylist WHERE ip LIKE '192.168.1.%'
Basically, cut it off at the /24 and get a reasonable number of results
to match, then use Net::CIDR to finish.
--
Jeff Rife | "In those days Mars was a dreary uninhabitable
| wasteland much like Utah, but unlike Utah, Mars
| was eventually made livable."
| -- Professor Farnsworth, "Futurama"
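
The lookup described in the message above, as an added example that is not part of the original post: a parameterized /24 LIKE prefilter in SQL, then Net::CIDR to test each candidate against the /28 block containing the connecting IP. The table layout, the sample rows, the in-memory SQLite database (DBI with DBD::SQLite) and the helper names cidr_for and seen_before are assumptions.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use DBI;
use Net::CIDR;

my $MASK_BITS = 28;    # netmask width used for comparison (the post's /28)

# Return the CIDR block containing $ip, e.g. 192.168.1.25 -> 192.168.1.16/28.
sub cidr_for {
    my ($ip, $bits) = @_;
    my @o = $ip =~ /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/
        or die "not a dotted-quad IPv4 address: $ip\n";
    die "octet out of range: $ip\n" if grep { $_ > 255 } @o;
    my $addr = ($o[0] << 24) | ($o[1] << 16) | ($o[2] << 8) | $o[3];
    my $net  = $addr & ((0xFFFFFFFF << (32 - $bits)) & 0xFFFFFFFF);
    return join('.', map { ($net >> $_) & 0xFF } 24, 16, 8, 0) . "/$bits";
}

# Rows for this sender/recipient whose IP shares the connecting IP's block.
sub seen_before {
    my ($dbh, $ip, $sender, $rcpt) = @_;
    my $block = cidr_for($ip, $MASK_BITS);    # also validates $ip
    (my $like = $ip) =~ s/\d+$/%/;            # 192.168.1.25 -> 192.168.1.%
    # Coarse /24 prefilter in SQL; values are bound, never interpolated.
    my $ips = $dbh->selectcol_arrayref(
        'SELECT ip FROM greylist WHERE ip LIKE ? AND sender = ? AND rcpt = ?',
        undef, $like, $sender, $rcpt);
    # Exact netmask comparison on the small candidate set.
    return grep { Net::CIDR::cidrlookup($_, $block) } @$ips;
}

# Constructed sample data in an in-memory database (assumed schema).
my $dbh = DBI->connect('dbi:SQLite:dbname=:memory:', '', '', { RaiseError => 1 });
$dbh->do('CREATE TABLE greylist (ip TEXT, sender TEXT, rcpt TEXT, seen INTEGER)');
my $ins = $dbh->prepare('INSERT INTO greylist VALUES (?, ?, ?, ?)');
$ins->execute(@$_) for (
    [ '192.168.1.17',  'a@example.org', 'me@example.net', 1170500000 ],  # same /28
    [ '192.168.1.40',  'a@example.org', 'me@example.net', 1170500060 ],  # same /24 only
    [ '192.168.10.25', 'a@example.org', 'me@example.net', 1170500120 ],  # other /24
    [ '192.168.1.30',  'b@example.org', 'me@example.net', 1170500180 ],  # other sender
);

my @hits = seen_before($dbh, '192.168.1.25', 'a@example.org', 'me@example.net');
printf "%s: %d matching row(s): %s\n",
    cidr_for('192.168.1.25', $MASK_BITS), scalar @hits, "@hits";
```

The prefilter only narrows correctly when the comparison netmask is /24 or longer, since a wider block spans more than one third-octet prefix.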