Re: [Mimedefang] milter smorgas board
On 1 May 2006 at 10:29, Gary Funck wrote: http://www.snertsoft.com/solutions.php Above, a list of milters, many of them open source, some not. Thought it might be useful for ideas of add-ons/improvements to MdF. The milter-sender description reminded me... I enabled a check like this in MD for about a week and logged the results (but didn't actually reject). Not one of the messages it would have rejected made it through the other techniques I use (greylisting, HELO spoof check, SA, etc.), so I decided it was far too expensive (timewise) to implement for no gain, and although I didn't see any issues, it could cause timeout problems. Does anybody have any experiences with this sort of callback check? -- Jeff Rife | | http://www.nabs.net/Cartoons/Dilbert/LostPassword.gif ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] milter smorgas board
On Mon, 2006-05-01 at 10:29 -0700, Gary Funck wrote: http://www.snertsoft.com/solutions.php Above, a list of milters, many of them open source, some not. Thought it might be useful for ideas of add-ons/improvements to MdF. Here's one I thought interesting: http://www.snertsoft.com/sendmail/milter-7bit/ This Sendmail mail filter will tag or reject email with invalid message content transfer encodings as given by RFC 2045. For example a message that is declared to use MIME 7-bit encoding, but contains an 8-bit octet, NUL byte, and/or unpaired CR or LF characters, would be considered invalid and tagged/rejected. Variations of these checks are performed for MIME parts with 8-bit or binary encodings. - MIMEDefang already does the NUL and CR/LF checks as suspicious character checks. But, I'm wondering if the 8-bit check would be useful. Here's another: http://www.snertsoft.com/sendmail/milter-date/ This Sendmail mail filter verifies the conformance of the date-time strings found in the Received:, Resent-Date:, and Date: headers with respect to RFC 2822 section 3.3 Date Time Specification. The milter also checks that the date-time strings in the previously mentioned headers have coherent relationships betweeen themselves and the current mail hop. Mail can be tagged, rejected, or discarded accordingly, if the date-time strings have invalid syntax, semantics, or are incoherent. - How much of this does SpamAssassin do? Richard ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] milter smorgas board
On Mon, 2006-05-01 at 14:12 -0400, Jeff Rife wrote: The milter-sender description reminded me... ... Does anybody have any experiences with this sort of callback check? We use it, including a database cache to lighten the load. Since we do reject on it, I can't say how efficient it is compared to other tests. From a quick log search, I see this test rejects about 38,000 messages per week, after things like RBLs and HELO checks (which block about 15,74,000 messages per week.) In general, my philosophy is that anything which can prevent a SpamAssassin run is good. Running SA on a message is very CPU intensive and involves lots of network queries as well. Richard ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
Re: [Mimedefang] milter smorgas board
On 1 May 2006 at 17:51, Richard Laager wrote: Since we do reject on it, I can't say how efficient it is compared to other tests. From a quick log search, I see this test rejects about 38,000 messages per week, after things like RBLs and HELO checks (which block about 15,74,000 messages per week.) In general, my philosophy is that anything which can prevent a SpamAssassin run is good. Running SA on a message is very CPU intensive and involves lots of network queries as well. Agreed. I'd have to go back and check how many of these required SA to cause a reject. ISTR that greylisting and HELO checks got all but a few. -- Jeff Rife | There was a guy that was killed just like this | over in Jersey. | Yeah, but I figure, 'What the hell, | that's Jersey.' | -- Highlander ___ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang