Hi Michael, beside reinventing greylisting - as already said - I think your wish is more to have some kind of content-oriented blacklisting.
This can be easyly achieved by using the NixSpam-DNS-blacklist without calculating hash values over the email content by yourself. Just enter ix.dnsbl.manitu.net in /etc/qpsmtpd/dnsbl_zones and activate the core plugin dnsbl. This in combination with the plugin require_resolvable_client, with avoiding catch-all addresses (db_user) and with a little help of db/suite including greylisting will filter out nearly 99 % auf spam without a heavy spam content filter. Moreover a hard email attachment policy (no HTML, no GIF, no EXE, no DOC etc.) avoids the need of a heavy virus filter. The rejection of bad emails filtered as named above happens already during the connection phase. Therefore it is lawful AFAIK, because once you've accepted a mail, you must deliver it - and then you have all that hassle with spam-headers or bounce mails (guaranteed to reach the wrong sender) etc.! But if you reject it during connection phase, you have never received it. Using of heavy spam or virus filters during the connection phase would slow down the mail traffic significantly, thus the described solution is faster and easier. See http://dienstleistung-kultur.de/spamstat.shtml Yours, Ernesto Am 31.08.2009 02:22 schrieb Michael Papet: > Hi, > > I've been modding other plugins and am scheming to write a plugin that does > the following. > > 1. mail passes the usual plugins tests > 2. Generate an MD5 signature on the body and title. > 3. Check for the md5 signature in a db. If it finds one, accept the mail. > If it doesn't reject the mail. > > The general idea being, more legitimate mail will retry. I have some > questions. > > A. Should I even bother? I'm not enough of an admin to know if this would be > a worthwhile endeavor. This may be exploited by spammers already. > B. Do more experienced admins have some advice on timestamp logic. A total > shot in the dark is about an hour between the first send and the second > accepted send. > C. Does qpsmtpd have a way to easily call envelope timestamps? > > Naturally, there's some simple logic to flush the signature DB with > signatures maybe 24 hours old. That's a simple cron job. > > Any suggestions are welcome. > > Michael > -- ______________________________________________________________________ Dienstleistung Kultur Ltd. & Co. KG Lützenstr. 10, 10711 Berlin Telephon +49-(0)30 - 89 09 56 59 Prokurist Ernst-J. Johnsdorf Faksimile +49-(0)30 - 89 09 56 60 HRA 41207 Berlin-Charlottenburg http://dienstleistung-kultur.de USt-IdNr. DE 261 999 858 mailto:m...@dienstleistung-kultur.de ______________________________________________________________________ Dienstleistung Kultur Ltd. 27, Gloucester Street, London WC1N 3AX Companies House, Cardiff, No. 6512436 Director Ute-I. Pehlke ______________________________________________________________________
