EE,
Please have a look at this patch too when you get a chance (not a high
priority methinks). I like this one better, as it is implemented nearer the
front of the process in qmail-smtp instead of in simscan. I still think a
firewall implementation would be best though.
Thanks for looking into these.
-------- Original Message --------
Subject: Re: [simscan] [PATCH] Updated greylisting patch for simscan 1.2
Date: Mon, 13 Nov 2006 22:55:26 +0000
From: Gerard Earley <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Organization: Whitecurve
To: [EMAIL PROTECTED]
References: <[EMAIL PROTECTED]>
<[EMAIL PROTECTED]> <[EMAIL PROTECTED]>
Eric "Shubes" wrote:
> Richard Archer wrote:
>
>> At 8:10 PM +0100 13/11/06, Florian G. Pflug wrote:
>>
>>
>>> + * Algorithm: When a sender with a source ip for which no record yet exists
>>> + * connects, his delivery will fail with a temporary error.
>>> + * All following delivery attempts by that sender will fail with
>>> + * a temporary error too, until GREYLIST_MIN_DELAY seconds after
>>> + * his _first_ attempt.
>>>
>> The problem with checking only the IP address is that spambots
>> work through a list of addresses to spam. So if they try one
>> address on your server they get a 451. 5 minutes later they
>> try a different address on your server and they get added to
>> the whitelist.
>>
>> The way I set greylisting up is that it checks the IP/From/To
>> tuple for retries and once it detects a retry it whitelists
>> that IP address.
>>
>> I still think greylisting should be patched into qmail-smtpd
>> so the 451 can be sent after the RCPT command.
>>
>
> I agree. Greylisting should be as far in front of the process as possible,
> ideally in the (external) firewall. I sure wish that greylisting was
> integrated into IPCop.
>
>
>> ...Richard.
>>
>>
>>
>>
>>
>>
>
>
There is a qmail patch that implements the full ip/to/from triple in
qmail during the SMTP phase.
Its fairly simple to patch into qmail-smtpd though it does use mysql for
storage so some people object to it for that reason.
I implement it on every qmail box i admin and it reduces spam by a vast
amount.
About 99% of spam gets caught by it and I'm not exaggerating.
http://www.digitaleveryware.com/projects/greylisting/
--
-Eric 'shubes'
!DSPAM:4558fe2927418441612098!
---------------------------------------------------------------------
QmailToaster hosted by: VR Hosted <http://www.vr.org>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
