date:20080423

Re: [spamdyke-users] Greylisting wishes

2008-04-23 Thread Marcin Orlowski

Sam Clippinger wrote:
> I've already made this change in version 4.0.0 -- it has a new flag to 
> allow spamdyke to create domain folders itself.  It can't be automatic 
> because some sites need the ability to activate/deactivate graylisting 
> for specific domains without affecting others.

what about option to call external app to check that out? One could 
easily craft small tool to look into SQL database to decide if
we shall or shall not greylist.

Generally, I'd love to see the way to feed spamdyke with stuff from
external apps for any lists or even configuration file.

Marcin
___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] problems with DENIED_IP_IN_CC_RDNS

2008-04-23 Thread Eric Shubert

Sam Clippinger wrote:
> You're reading the correct section.  The third and fourth paragraphs 
> describe "reject-unresolvable-rdns", which is the filter that was 
> triggered in your example.  The text doesn't actually use the term "A 
> record", instead saying that spamdyke "attempts to get an IP address 
> from the name".  When I wrote it, I was trying to limit my use of jargon 
> as much as possible.  I guess I should rewrite it if it's so unclear.

It appears clearer to me now, but I think it could read a little better.

"This test only attempts to get at least one IP address from the name. It
does not require the rDNS name's IP address to match the remote server's IP
address."
might be replaced with
"This is done by using the rDNS name to lookup a corresponding IP address.
It does not require the corresponding address to be the same as the remote
server's IP address, only that the rDNS name correspond to an IP address (or
more specifically, a type A DNS record) of some sort."

> Paragraphs five through ten describe "ip-in-rdns-keyword-file" and the 
> last paragraph describes "reject-ip-in-cc-rdns".

I think I could make those read a bit better. Let me know if you'd like me
to take a stab at it and we can work it out off list.

> The two rules you're wanting are already there -- 
> "reject-unresolvable-rdns" and "ip-in-rdns-keyword-file".  The former 
> only checks for an A record from the rDNS name.  The latter checks for 
> the IP address in the rDNS, plus a keyword from the file.

I see that now. I think I may have been having a bit of a brain fart
yesterday. ;)

Thanks for clearing this up for me.

> -- Sam Clippinger
> 
> Eric Shubert wrote:
>> That makes sense, but it's not what I read at
>> http://www.spamdyke.org/documentation/README.html#RDNS
>> I don't see anything there about looking up a corresponding DNS A record.
>> Is the documentation perhaps out of date? (or am I losing it?) ;)
>>
>> Do we perhaps need 2 parameter/rules? One for when the rDNS record does not
>> contain an IP address, and another for when there is no DNS A record for the
>> address that's found?
>>
>> Sam Clippinger wrote:
>>   
>>> Your example was not rejected by the ip-in-rdns-keyword-file filter.  It 
>>> was rejected by the reject-unresolvable-rdns filter because the rDNS 
>>> name does not resolve to an IP address (a DNS A record).  In other 
>>> words, "ping ihsystem-65-182-166-90.pugmarks.net" will fail with 
>>> "unknown host".
>>>
>>> -- Sam Clippinger
>>>
>>> Eric Shubert wrote:
>>> 
 I don't understand (after having read the documentation) why the example I
 showed was rejected then. Please explain.

 Sam Clippinger wrote:
   
   
> Sorry, I should have mentioned that the dots in the formats I listed can 
> actually be any non-alphanumeric character (dashes, underscores, etc).
>
> -- Sam Clippinger
>
> Eric Shubert wrote:
> 
> 
>> Sam Clippinger wrote:
>>   
>>   
>>   
>>> spamdyke looks for the IP address in many different formats.  If the IP 
>>> address is 11.22.33.44, it looks for:
>>> 11.22.33.44
>>> 011.022.033.044
>>> 11.022.033.044 (new in version 4.0.0)
>>> 11.22.033.044 (new in version 4.0.0)
>>> 11.22.33.044 (new in version 4.0.0)
>>> 44.33.22.11
>>> 44.11.22.33
>>> 33.22.11.44
>>> 44.33.1122
>>> 3344.11.22
>>> 11.22.8492 (last two octets converted to long integer)
>>> 11223344
>>> 011022033044
>>> 11022033044
>>> 1122033044
>>> 112233044
>>> 44332211
>>> 044033022011
>>> 185999660 (entire IP converted to long integer)
>>> 0b16212c (entire IP converted to hex digits)
>>> Basically, these are all the different formats I've seen in real life.  
>>> As people report new ones, I add them too.
>>> 
>>> 
>>> 
>> Here's another one for you Sam:
>>
>> 04-16 13:01:22 DENIED_RDNS_RESOLVE from: [EMAIL PROTECTED] to:
>> [EMAIL PROTECTED] origin_ip: 65.182.166.90 origin_rdns:
>> ihsystem-65-182-166-90.pugmarks.net auth: (unknown)
>>
>>   
>>   
>>   
>>
>>   
> ___
> spamdyke-users mailing list
> spamdyke-users@spamdyke.org
> http://www.spamdyke.org/mailman/listinfo/spamdyke-users


-- 
-Eric 'shubes'
___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] Greylisting wishes

2008-04-23 Thread Sam Clippinger

I'm planning to add that in a future version but not in 4.0.0.  The list 
of changes for that version is already incredibly long and I've been 
trying to finish testing it for the last month or two.  I have no idea 
how long the documentation updates are going to take.

Look for this in 4.1.0 or so.

-- Sam Clippinger

Marcin Orlowski wrote:
> Sam Clippinger wrote:
>   
>> I've already made this change in version 4.0.0 -- it has a new flag to 
>> allow spamdyke to create domain folders itself.  It can't be automatic 
>> because some sites need the ability to activate/deactivate graylisting 
>> for specific domains without affecting others.
>> 
>
> what about option to call external app to check that out? One could 
> easily craft small tool to look into SQL database to decide if
> we shall or shall not greylist.
>
> Generally, I'd love to see the way to feed spamdyke with stuff from
> external apps for any lists or even configuration file.
>
> Marcin
> ___
> spamdyke-users mailing list
> spamdyke-users@spamdyke.org
> http://www.spamdyke.org/mailman/listinfo/spamdyke-users
>   
___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] Greylisting wishes

2008-04-23 Thread Marcin Orlowski

Sam Clippinger wrote:
> I'm planning to add that in a future version but not in 4.0.0.  The list 
> of changes for that version is already incredibly long and I've been 
> trying to finish testing it for the last month or two.  I have no idea 
> how long the documentation updates are going to take.
> 
> Look for this in 4.1.0 or so.

Small suggestion for 4.0 -> to add ALLOWED_GRAYLISTED log entry
not just ALLOWED for any message that passes. Having ALLOWED_GRAYLISTED 
woul help finding out how many graylisted posts were spam. With just
ALLOWED I'd need to parse logs myself...
___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] Greylisting wishes

2008-04-23 Thread Sam Clippinger

I could do that if it would be useful.  Now is the time for changes like 
this, since version 4.0 won't be backwards compatible anyway.  What 
about changing the log message for other reasons too?  For example, 
ALLOWED_WHITELISTED_IP, ALLOWED_WHITELISTED_SENDER, etc.

-- Sam Clippinger

Marcin Orlowski wrote:
> Sam Clippinger wrote:
>   
>> I'm planning to add that in a future version but not in 4.0.0.  The list 
>> of changes for that version is already incredibly long and I've been 
>> trying to finish testing it for the last month or two.  I have no idea 
>> how long the documentation updates are going to take.
>>
>> Look for this in 4.1.0 or so.
>> 
>
> Small suggestion for 4.0 -> to add ALLOWED_GRAYLISTED log entry
> not just ALLOWED for any message that passes. Having ALLOWED_GRAYLISTED 
> woul help finding out how many graylisted posts were spam. With just
> ALLOWED I'd need to parse logs myself...
> ___
> spamdyke-users mailing list
> spamdyke-users@spamdyke.org
> http://www.spamdyke.org/mailman/listinfo/spamdyke-users
>   
___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] problems with DENIED_IP_IN_CC_RDNS

2008-04-23 Thread Sam Clippinger

I can always use help writing documentation.  Let me finish making the 
updates for the version 4.0 changes, then I'll send them to you to see 
if you think they need polishing.  Thanks!

-- Sam Clippinger

Eric Shubert wrote:
> Sam Clippinger wrote:
>   
>> You're reading the correct section.  The third and fourth paragraphs 
>> describe "reject-unresolvable-rdns", which is the filter that was 
>> triggered in your example.  The text doesn't actually use the term "A 
>> record", instead saying that spamdyke "attempts to get an IP address 
>> from the name".  When I wrote it, I was trying to limit my use of jargon 
>> as much as possible.  I guess I should rewrite it if it's so unclear.
>> 
>
> It appears clearer to me now, but I think it could read a little better.
>
> "This test only attempts to get at least one IP address from the name. It
> does not require the rDNS name's IP address to match the remote server's IP
> address."
> might be replaced with
> "This is done by using the rDNS name to lookup a corresponding IP address.
> It does not require the corresponding address to be the same as the remote
> server's IP address, only that the rDNS name correspond to an IP address (or
> more specifically, a type A DNS record) of some sort."
>
>   
>> Paragraphs five through ten describe "ip-in-rdns-keyword-file" and the 
>> last paragraph describes "reject-ip-in-cc-rdns".
>> 
>
> I think I could make those read a bit better. Let me know if you'd like me
> to take a stab at it and we can work it out off list.
>
>   
>> The two rules you're wanting are already there -- 
>> "reject-unresolvable-rdns" and "ip-in-rdns-keyword-file".  The former 
>> only checks for an A record from the rDNS name.  The latter checks for 
>> the IP address in the rDNS, plus a keyword from the file.
>> 
>
> I see that now. I think I may have been having a bit of a brain fart
> yesterday. ;)
>
> Thanks for clearing this up for me.
>
>   
>> -- Sam Clippinger
>>
>> Eric Shubert wrote:
>> 
>>> That makes sense, but it's not what I read at
>>> http://www.spamdyke.org/documentation/README.html#RDNS
>>> I don't see anything there about looking up a corresponding DNS A record.
>>> Is the documentation perhaps out of date? (or am I losing it?) ;)
>>>
>>> Do we perhaps need 2 parameter/rules? One for when the rDNS record does not
>>> contain an IP address, and another for when there is no DNS A record for the
>>> address that's found?
>>>
>>> Sam Clippinger wrote:
>>>   
>>>   
 Your example was not rejected by the ip-in-rdns-keyword-file filter.  It 
 was rejected by the reject-unresolvable-rdns filter because the rDNS 
 name does not resolve to an IP address (a DNS A record).  In other 
 words, "ping ihsystem-65-182-166-90.pugmarks.net" will fail with 
 "unknown host".

 -- Sam Clippinger

 Eric Shubert wrote:
 
 
> I don't understand (after having read the documentation) why the example I
> showed was rejected then. Please explain.
>
> Sam Clippinger wrote:
>   
>   
>   
>> Sorry, I should have mentioned that the dots in the formats I listed can 
>> actually be any non-alphanumeric character (dashes, underscores, etc).
>>
>> -- Sam Clippinger
>>
>> Eric Shubert wrote:
>> 
>> 
>> 
>>> Sam Clippinger wrote:
>>>   
>>>   
>>>   
>>>   
 spamdyke looks for the IP address in many different formats.  If the 
 IP 
 address is 11.22.33.44, it looks for:
 11.22.33.44
 011.022.033.044
 11.022.033.044 (new in version 4.0.0)
 11.22.033.044 (new in version 4.0.0)
 11.22.33.044 (new in version 4.0.0)
 44.33.22.11
 44.11.22.33
 33.22.11.44
 44.33.1122
 3344.11.22
 11.22.8492 (last two octets converted to long integer)
 11223344
 011022033044
 11022033044
 1122033044
 112233044
 44332211
 044033022011
 185999660 (entire IP converted to long integer)
 0b16212c (entire IP converted to hex digits)
 Basically, these are all the different formats I've seen in real life. 
  
 As people report new ones, I add them too.
 
 
 
 
>>> Here's another one for you Sam:
>>>
>>> 04-16 13:01:22 DENIED_RDNS_RESOLVE from: [EMAIL PROTECTED] to:
>>> [EMAIL PROTECTED] origin_ip: 65.182.166.90 origin_rdns:
>>> ihsystem-65-182-166-90.pugmarks.net auth: (unknown)
>>>
>>>   
>>>   
>>>   
>>>   
>>>   
>>>   
>> ___
>> spamdyke-users mailing list
>> spamdyke-users@spamdyke.org
>> http://www.spamdyke.

[spamdyke-users] large ip blacklist file

2008-04-23 Thread Bruce Schreiber

Sam,

There is mention of techniques for handling a large IP blacklist file,
but I do not seem to be able to find documentation on how to create and
mange a large list in other than multiple files.  Should I be using a
directory structure, and if so, where can I read about how to do it?

Bruce

___

.mdEmail and .mdSecureIM allow tramsmission of PHI in compliance with HIPAA.
Each is included when you register a .md Domain Name.
http://www.max.md/register.php?affid=footer1
___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] large ip blacklist file

2008-04-23 Thread Andras Korn

On Wed, Apr 23, 2008 at 03:58:06PM -0400, Bruce Schreiber wrote:

> There is mention of techniques for handling a large IP blacklist file,
> but I do not seem to be able to find documentation on how to create and
> mange a large list in other than multiple files.  Should I be using a
> directory structure, and if so, where can I read about how to do it?

You can use tcpserver or tcpsvd to handle a large IP blacklist. They use
cdbs (constant databases), which are fast. Spamdyke needn't even be started
for blacklisted connections. (Of course, this has the drawback that you
don't get to see whose mail you're blocking.)

Andras

-- 
 Andras Korn 
  QOTD:
  Everything is fine with the world - one mile under ground.
___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] Greylisting wishes

2008-04-23 Thread mohaa

I think this would be very useful!
Please do so.

Regards
Arne

Sam Clippinger schrieb:
> I could do that if it would be useful.  Now is the time for changes like 
> this, since version 4.0 won't be backwards compatible anyway.  What 
> about changing the log message for other reasons too?  For example, 
> ALLOWED_WHITELISTED_IP, ALLOWED_WHITELISTED_SENDER, etc.
>
> -- Sam Clippinger
>
> Marcin Orlowski wrote:
>   
>> Sam Clippinger wrote:
>>   
>> 
>>> I'm planning to add that in a future version but not in 4.0.0.  The list 
>>> of changes for that version is already incredibly long and I've been 
>>> trying to finish testing it for the last month or two.  I have no idea 
>>> how long the documentation updates are going to take.
>>>
>>> Look for this in 4.1.0 or so.
>>> 
>>>   
>> Small suggestion for 4.0 -> to add ALLOWED_GRAYLISTED log entry
>> not just ALLOWED for any message that passes. Having ALLOWED_GRAYLISTED 
>> woul help finding out how many graylisted posts were spam. With just
>> ALLOWED I'd need to parse logs myself...
>> ___
>> spamdyke-users mailing list
>> spamdyke-users@spamdyke.org
>> http://www.spamdyke.org/mailman/listinfo/spamdyke-users
>>   
>> 
> ___
> spamdyke-users mailing list
> spamdyke-users@spamdyke.org
> http://www.spamdyke.org/mailman/listinfo/spamdyke-users
>   

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] large ip blacklist file

2008-04-23 Thread Sam Clippinger

spamdyke doesn't have a way to read blacklisted IPs from a directory 
structure the way it does for blacklisted rDNS names.  However, the IP 
files can use ranges, netmasks and network numbers to make them smaller.

-- Sam Clippinger

Bruce Schreiber wrote:
> Sam,
>
> There is mention of techniques for handling a large IP blacklist file,
> but I do not seem to be able to find documentation on how to create and
> mange a large list in other than multiple files.  Should I be using a
> directory structure, and if so, where can I read about how to do it?
>
> Bruce
>
> ___
>
> .mdEmail and .mdSecureIM allow tramsmission of PHI in compliance with HIPAA.
> Each is included when you register a .md Domain Name.
> http://www.max.md/register.php?affid=footer1
> ___
> spamdyke-users mailing list
> spamdyke-users@spamdyke.org
> http://www.spamdyke.org/mailman/listinfo/spamdyke-users
>   
___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] Greylisting wishes

2008-04-23 Thread BC


On 4/23/2008 [EMAIL PROTECTED] wrote:

>  I could do that if it would be useful.  Now is the time for changes
>  like
>  this, since version 4.0 won't be backwards compatible anyway.  What
>  about changing the log message for other reasons too?  For example,
>  ALLOWED_WHITELISTED_IP, ALLOWED_WHITELISTED_SENDER, etc.

I'd like to see that sort of addition to the logging, too.

Thanks,

Bucky

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] Greylisting wishes

2008-04-23 Thread Michael Colvin

Doesn't it already log "DENIED GREYLISTED" when it greylists an address,
then when it is sent again, and passes the greylist test, it logs
"ALLOWED"...  Doesn't that already identify greylisted e-mails?  Or, are we
talking about logging the fact that e-mails are allowed AND have already
been greylisted?  Which, if you greylist all domains, would be every e-mail,
right?

The "ALLOWED_WHITELISTED_*" items might be useful, but I don't see where
logging allowed greylisted e-mails makes sense...  In fact, "Allowed
Greylist" seems kind of contradictory to me...  :-)  Just my .02, which,
with the state of the dollar, is worth even less today than last week.  :-)

Michael J. Colvin
NorCal Internet Services
www.norcalisp.com

> -Original Message-
> From: [EMAIL PROTECTED] 
> [mailto:[EMAIL PROTECTED] On Behalf Of BC
> Sent: Wednesday, April 23, 2008 1:32 PM
> To: spamdyke-users@spamdyke.org
> Subject: Re: [spamdyke-users] Greylisting wishes
> 
> 
> On 4/23/2008 [EMAIL PROTECTED] wrote:
> 
> >  I could do that if it would be useful.  Now is the time 
> for changes  
> > like  this, since version 4.0 won't be backwards compatible 
> anyway.  
> > What  about changing the log message for other reasons too?  For 
> > example,  ALLOWED_WHITELISTED_IP, ALLOWED_WHITELISTED_SENDER, etc.
> 
> I'd like to see that sort of addition to the logging, too.
> 
> Thanks,
> 
> Bucky
> 
> ___
> spamdyke-users mailing list
> spamdyke-users@spamdyke.org
> http://www.spamdyke.org/mailman/listinfo/spamdyke-users
> 

___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] Greylisting wishes

2008-04-23 Thread Sam Clippinger

"ALLOWED_GRAYLISTED" could be useful if graylisting isn't active for all 
domains.  It would mean that the graylisting filter had checked for the 
existence of a graylist file for that connection (and found one).  I 
agree it should be possible to match an "ALLOWED" with a previous 
"DENIED_GRAYLISTED" but that could involve searching log files from 
multiple days if the remote server doesn't attempt redelivery very quickly.

-- Sam Clippinger

Michael Colvin wrote:
> Doesn't it already log "DENIED GREYLISTED" when it greylists an address,
> then when it is sent again, and passes the greylist test, it logs
> "ALLOWED"...  Doesn't that already identify greylisted e-mails?  Or, are we
> talking about logging the fact that e-mails are allowed AND have already
> been greylisted?  Which, if you greylist all domains, would be every e-mail,
> right?
>
> The "ALLOWED_WHITELISTED_*" items might be useful, but I don't see where
> logging allowed greylisted e-mails makes sense...  In fact, "Allowed
> Greylist" seems kind of contradictory to me...  :-)  Just my .02, which,
> with the state of the dollar, is worth even less today than last week.  :-)
>  
>
> Michael J. Colvin
> NorCal Internet Services
> www.norcalisp.com
>
>  
>
>
>
>  
>
>   
>> -Original Message-
>> From: [EMAIL PROTECTED] 
>> [mailto:[EMAIL PROTECTED] On Behalf Of BC
>> Sent: Wednesday, April 23, 2008 1:32 PM
>> To: spamdyke-users@spamdyke.org
>> Subject: Re: [spamdyke-users] Greylisting wishes
>>
>>
>> On 4/23/2008 [EMAIL PROTECTED] wrote:
>>
>> 
>>>  I could do that if it would be useful.  Now is the time 
>>>   
>> for changes  
>> 
>>> like  this, since version 4.0 won't be backwards compatible 
>>>   
>> anyway.  
>> 
>>> What  about changing the log message for other reasons too?  For 
>>> example,  ALLOWED_WHITELISTED_IP, ALLOWED_WHITELISTED_SENDER, etc.
>>>   
>> I'd like to see that sort of addition to the logging, too.
>>
>> Thanks,
>>
>> Bucky
>>
>> ___
>> spamdyke-users mailing list
>> spamdyke-users@spamdyke.org
>> http://www.spamdyke.org/mailman/listinfo/spamdyke-users
>>
>> 
>
> ___
> spamdyke-users mailing list
> spamdyke-users@spamdyke.org
> http://www.spamdyke.org/mailman/listinfo/spamdyke-users
>   
___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] Greylisting wishes

2008-04-23 Thread N.Novozhilov

Yes, it's very useful, I guess...

On Wed, 23 Apr 2008 14:50:38 -0500
Sam Clippinger <[EMAIL PROTECTED]> wrote:

> I could do that if it would be useful.  Now is the time for changes like 
> this, since version 4.0 won't be backwards compatible anyway.  What 
> about changing the log message for other reasons too?  For example, 
> ALLOWED_WHITELISTED_IP, ALLOWED_WHITELISTED_SENDER, etc.
> 
> -- Sam Clippinger
> 
> Marcin Orlowski wrote:
> > Sam Clippinger wrote:
> >   
> >> I'm planning to add that in a future version but not in 4.0.0.  The list 
> >> of changes for that version is already incredibly long and I've been 
> >> trying to finish testing it for the last month or two.  I have no idea 
> >> how long the documentation updates are going to take.
> >>
> >> Look for this in 4.1.0 or so.
> >> 
> >
> > Small suggestion for 4.0 -> to add ALLOWED_GRAYLISTED log entry
> > not just ALLOWED for any message that passes. Having ALLOWED_GRAYLISTED 
> > woul help finding out how many graylisted posts were spam. With just
> > ALLOWED I'd need to parse logs myself...
> > ___
> > spamdyke-users mailing list
> > spamdyke-users@spamdyke.org
> > http://www.spamdyke.org/mailman/listinfo/spamdyke-users
> >   
> ___
> spamdyke-users mailing list
> spamdyke-users@spamdyke.org
> http://www.spamdyke.org/mailman/listinfo/spamdyke-users


~~
Regards
Nicholas A. Novozhilov, NAN6-RIPE

 NTR Lab
 System administrator
___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] Greylisting wishes

2008-04-23 Thread Eric Shubert

There's possible, and there's trivial. I vote trivial (good idea!). :)

Sam Clippinger wrote:
> "ALLOWED_GRAYLISTED" could be useful if graylisting isn't active for all 
> domains.  It would mean that the graylisting filter had checked for the 
> existence of a graylist file for that connection (and found one).  I 
> agree it should be possible to match an "ALLOWED" with a previous 
> "DENIED_GRAYLISTED" but that could involve searching log files from 
> multiple days if the remote server doesn't attempt redelivery very quickly.
> 
> -- Sam Clippinger
> 
> Michael Colvin wrote:
>> Doesn't it already log "DENIED GREYLISTED" when it greylists an address,
>> then when it is sent again, and passes the greylist test, it logs
>> "ALLOWED"...  Doesn't that already identify greylisted e-mails?  Or, are we
>> talking about logging the fact that e-mails are allowed AND have already
>> been greylisted?  Which, if you greylist all domains, would be every e-mail,
>> right?
>>
>> The "ALLOWED_WHITELISTED_*" items might be useful, but I don't see where
>> logging allowed greylisted e-mails makes sense...  In fact, "Allowed
>> Greylist" seems kind of contradictory to me...  :-)  Just my .02, which,
>> with the state of the dollar, is worth even less today than last week.  :-)
>>  
>>
>> Michael J. Colvin
>> NorCal Internet Services
>> www.norcalisp.com
>>
>>  
>>
>>
>>
>>  
>>
>>   
>>> -Original Message-
>>> From: [EMAIL PROTECTED] 
>>> [mailto:[EMAIL PROTECTED] On Behalf Of BC
>>> Sent: Wednesday, April 23, 2008 1:32 PM
>>> To: spamdyke-users@spamdyke.org
>>> Subject: Re: [spamdyke-users] Greylisting wishes
>>>
>>>
>>> On 4/23/2008 [EMAIL PROTECTED] wrote:
>>>
>>> 
  I could do that if it would be useful.  Now is the time 
   
>>> for changes  
>>> 
 like  this, since version 4.0 won't be backwards compatible 
   
>>> anyway.  
>>> 
 What  about changing the log message for other reasons too?  For 
 example,  ALLOWED_WHITELISTED_IP, ALLOWED_WHITELISTED_SENDER, etc.
   
>>> I'd like to see that sort of addition to the logging, too.
>>>
>>> Thanks,
>>>
>>> Bucky
>>>


-- 
-Eric 'shubes'
___
spamdyke-users mailing list
spamdyke-users@spamdyke.org
http://www.spamdyke.org/mailman/listinfo/spamdyke-users

Re: [spamdyke-users] Greylisting wishes

Re: [spamdyke-users] problems with DENIED_IP_IN_CC_RDNS

Re: [spamdyke-users] Greylisting wishes

Re: [spamdyke-users] Greylisting wishes

Re: [spamdyke-users] Greylisting wishes

Re: [spamdyke-users] problems with DENIED_IP_IN_CC_RDNS

[spamdyke-users] large ip blacklist file

Re: [spamdyke-users] large ip blacklist file

Re: [spamdyke-users] Greylisting wishes

Re: [spamdyke-users] large ip blacklist file

Re: [spamdyke-users] Greylisting wishes

Re: [spamdyke-users] Greylisting wishes

Re: [spamdyke-users] Greylisting wishes

Re: [spamdyke-users] Greylisting wishes

Re: [spamdyke-users] Greylisting wishes

15 matches

Site Navigation

Mail list logo

Footer information