On Sun, 2 Jan 2005, Dario wrote: > Very usefull filter, thanks Davide! > > Just a few words on a possible improvement. > It would be nice to have something like the > embargo policy implemented in DCC greylist. > > Maybe I'm wrong, but it would just need the md5 > checksum algorithm of the message body, a few > new columns in the dbm and... some code... > > "DCC greylisting normally requires not only > that a triple of sender, recipient and SMTP > client IP address be familiar, but also that > a triple does not become familiar until the > same message has been presented and temporarily > embargoed or rejected. This significant difference > from other implementations prevents a spammer from > retransmitting a different message > (e.g. with different random words) > to get past greylist filtering." > > from: > http://www.rhyolite.com/anti-spam/dcc/greylist.html
I took a quick look at it, and IMO does not help much. Looking at the patterns I see here in the glst-lame db, only one attempt is made in the delivery phase. On top of that, DCC requires the full message to be received, on the contrary of standard greylist implementations (like GLST) where the message is blocked at tha DATA handshake. - Davide - To unsubscribe from this list: send the line "unsubscribe xmail" in the body of a message to [EMAIL PROTECTED] For general help: send the line "help" in the body of a message to [EMAIL PROTECTED]
