Hardik Dalwadi wrote:
> Hi!
> Remy Almeida said the following, On Saturday 03 February 2007 09:15 AM:
>> Hi All
>> I have a working qmail-ldap and want to implement greylist with
>> qmail-smtpd. How can I do it?
> Check [1]. It's giving me better results, up to 90% of SPAM cut off.
> [1] http://www.jonatkins.com/page/software/qgreylist
Without wanting to step on anyone's toes... =)
Better results than other solutions, or than a stock qmail-ldap install?
From what I understand, ANY greylisting solution that works by
replacing rblsmtpd does not implement true greylisting, since for that
matter it takes a triplet of an origin ip address, a sender address and
a recipient address. A drop in replacement for rblsmtpd only allows a
"kind of" greylisting since at that level, the mail system only knows
about the origin ip address. True greylisting implies qmail-smtpd
patching and/or replacing!
One very common case of failure for such a solution is when there is more
than one spam delivery attempt from a certain ip address. Once the ip
gets whitelisted, every message from that origin will be automatically
accepted.
Besides not implementing in full the greylisting itself, I can remember
some other issues with either that solution, or derived work such as
qgreylistrbl. Both these solutions, if I recall correctly, use the
origin full ip address for their operation. If by any chance a
legitimate mail is sent through a farm of smtp servers, which do not always
use the same ip address for retries, you may end up with extensive
delays in mail deliveries. Greylisting whitelists are usually set for
network blocks and not individual ip addresses. This behavior can be
easily corrected though, if you're willing to go through the code.
Keeping in mind that this solution works by touch'ing files to keep
track of greylisted addresses, another problem arises when you want to
implement this solution in a cluster environment, or even when you have
a primary and secondary MX. In that case, you either have some kind of
network/distributed filesystem that'll allow you to share those files
between the servers, or again you will end up having delayed message
delivery. Not all smtp servers retry to the same destination server,
trying to deliver in subsequent times to the MX with less immediate weight.
Lastly, both qgreylist and qgreylistrbl are written in perl. There WILL
be some overhead associated.
If by any chance, none of my above arguments was persuasive enough to
let you decide for a true greylisting solution with some kind of
database backend, at least consider cqgreylist
(http://oss.albawaba.com/cqgreylist.html), which provides the same level
of functionality but is written in C.
The solution I'm using, with great results so far, is available at
http://pessoa.fct.unl.pt/hmmm/files/anti-spam/qmail-ldap/. Check the
README.ENVELOPE_SCAN file for more detailed information.
Regards,
Hugo Monteiro.
--
ci.fct.unl.pt:~# cat .signature
Hugo Monteiro
Email : [EMAIL PROTECTED]
Telefone : +351 212948300 Ext.15307
Centro de Informática
Faculdade de Ciências e Tecnologia da
Universidade Nova de Lisboa
Quinta da Torre 2829-516 Caparica Portugal
Telefone: +351 212948596 Fax: +351 212948548
www.ci.fct.unl.pt [EMAIL PROTECTED]
ci.fct.unl.pt:~# _
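
The difference between IP-only and triplet greylisting described in the message above, as an added example that is not part of the original thread and is not code from qgreylist, cqgreylist or the linked patch. The 300-second minimum delay, the /24 network block (IPv4 only), the in-memory store and all addresses are assumptions chosen for illustration.

```python
import ipaddress

class Greylist:
    """Toy in-memory greylist; key_fn decides what identifies a delivery attempt."""
    def __init__(self, key_fn, min_delay=300):   # min_delay is an assumed value
        self.key_fn = key_fn
        self.min_delay = min_delay
        self.first_seen = {}                     # key -> time of first attempt

    def check(self, ip, sender, rcpt, now):
        key = self.key_fn(ip, sender, rcpt)
        first = self.first_seen.setdefault(key, now)
        # Temp-fail until the same key retries after the minimum delay.
        return "accept" if now - first >= self.min_delay else "tempfail"

def ip_only(ip, sender, rcpt):
    # What an rblsmtpd-level replacement can see: the full origin IP only.
    return ip

def triplet_net(ip, sender, rcpt):
    # Full triplet, with the IP reduced to its /24 block (assumed block size).
    net = ipaddress.ip_network(f"{ip}/24", strict=False)
    return (str(net.network_address), sender.lower(), rcpt.lower())

def replay(greylist, attempts):
    return [greylist.check(*a) for a in attempts]

# Constructed sample traffic: (ip, sender, recipient, time in seconds).
# Case 1: one host retries, then sends a different message right after.
SECOND_MESSAGE_SAME_IP = [
    ("192.0.2.10", "a@example.net", "user@example.org", 0),
    ("192.0.2.10", "a@example.net", "user@example.org", 600),
    ("192.0.2.10", "b@example.net", "other@example.org", 610),
]
# Case 2: a legitimate server farm retries from another IP in the same block.
FARM_RETRY = [
    ("198.51.100.5", "news@example.com", "user@example.org", 0),
    ("198.51.100.77", "news@example.com", "user@example.org", 600),
]

if __name__ == "__main__":
    for name, key_fn in (("ip_only", ip_only), ("triplet_net", triplet_net)):
        print(name, replay(Greylist(key_fn), SECOND_MESSAGE_SAME_IP),
              replay(Greylist(key_fn), FARM_RETRY))
```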