>Since we implement following whitelist_dns we manage to whitelist 
>85% of proper mail server. The number of triplet and helo data 
>dropped drastically.
>We were able to downgrade policyd database to old server and use the 
>newer server to do content scanning.
>
>
>+----------------------------+
>| _whitelist                 |
>+---------------------------- +
>| %.edu.au                   |
>| %.ev1servers.net           |
>| %.gov.au                   |
>| %.iserver.net              |
>| %.lnk.telstra.net          |
>| %.mailguard.com.au         |
>| %.messagelabs.net          |
>| %.netregistry.net          |
>| %.planetdomain.com         |
>| %.server-<http://web.com>web.com           |
>| %.shared.server-<http://system.net>system.net |
>| %.sun.com                  |
>| %bounce%                   |
>| %exchange%                 |
>| %filter%                   |
>| %google.com                |
>| %gw-%                      |
>| %gw1%                      |
>| %gw2%                      |
>| %hosting%                  |
>| %list%                     |
>| %mail%                     |
>| %mta%                      |
>| %mx%.%                     |
>| %outbound%                 |
>| %pobox.com                 |
>| %post%                     |
>| %proxy%                    |
>| %relay%                    |
>| %return%                   |
>| %server%                   |
>| %smarthost%                |
>| %smtp%                     |
>| %www%                      |
>| %yahoo.com%                |
>| ns1%                       |
>| ns2%                       |
>| ns3%                       |
>+---------------------------- +

These whitelist rules whitelist just about everything, I could see it 
reducing the policyd load considerably.  Is your purpose to only 
greylist dynamic addresses?  If so, it kinda seems like a good idea, 
because legit mailservers (even if hacked or open relays) will always 
properly respond to a 4xx error whereas most dynamic clients (windows 
malware infected and spammers) won't.

- Nate 


-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems?  Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
policyd-users mailing list
policyd-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/policyd-users

Reply via email to