First off, thanks to everyone for the replies, I appreciate the info. TO
clarify my position, I am currently using both greetdelay and greylisting,
but am building an updated setup for moving the server and wasn't sure if
it was worth keeping - it sounds like it is (and I'm keeping greetdelay in
any event), so now on to the how :)
My existing implementation uses Bill Shupp's toaster greylisting patch
(since his toaster was the basis for my build at the time), which stores
the data in a MySQL database, and employs a forked process from
qmail-smtpd to check each recipient as the RCPT TO: command is processed.
Needless to say this is not the most efficient method since it keeps
having to establish the SQL connection, so I'm looking at possible
alternatives.
My first thought was to turn the external program into a daemon listening
on a local socket that maintains the database connection, and have a tiny
client that just passed info to the daemon and got a response. I've
actually done that (I used it to learn a bit of unix socket and thread
programming), but I haven't actually had a chance to test it since I'm
still putting things together.
I've also looked at John Levine's greydaemon, and that looks like it might
work well although I do have a few questions about it that I'll probably
end up tweaking for myself. Nothing like testing different ways of doing
the same thing :)
It did raise one question that I feel is worth asking here:
What's the best way to properly handle a message with multiple recipients?
Do you check and reply to each recipient a the RCPT TO: command is
issues, and accept those recipients that have already passed the greylist
check? Or do you wait until you get all the recipients, and then check
them? If you do them all at once, do you reject the message if any of the
recipients are greylisted, or do you let it through if even one of them
has already passed the greylist waiting period?
Thanks again for the input.
Josh
Joshua Megerman
SJGames MIB #5273 - OGRE AI Testing Division
You can't win; You can't break even; You can't even quit the game.
- Layman's translation of the Laws of Thermodynamics
josh@honorablemenschen.com
clarify my position, I am currently using both greetdelay and greylisting,
but am building an updated setup for moving the server and wasn't sure if
it was worth keeping - it sounds like it is (and I'm keeping greetdelay in
any event), so now on to the how :)
My existing implementation uses Bill Shupp's toaster greylisting patch
(since his toaster was the basis for my build at the time), which stores
the data in a MySQL database, and employs a forked process from
qmail-smtpd to check each recipient as the RCPT TO: command is processed.
Needless to say this is not the most efficient method since it keeps
having to establish the SQL connection, so I'm looking at possible
alternatives.
My first thought was to turn the external program into a daemon listening
on a local socket that maintains the database connection, and have a tiny
client that just passed info to the daemon and got a response. I've
actually done that (I used it to learn a bit of unix socket and thread
programming), but I haven't actually had a chance to test it since I'm
still putting things together.
I've also looked at John Levine's greydaemon, and that looks like it might
work well although I do have a few questions about it that I'll probably
end up tweaking for myself. Nothing like testing different ways of doing
the same thing :)
It did raise one question that I feel is worth asking here:
What's the best way to properly handle a message with multiple recipients?
Do you check and reply to each recipient a the RCPT TO: command is
issues, and accept those recipients that have already passed the greylist
check? Or do you wait until you get all the recipients, and then check
them? If you do them all at once, do you reject the message if any of the
recipients are greylisted, or do you let it through if even one of them
has already passed the greylist waiting period?
Thanks again for the input.
Josh
Joshua Megerman
SJGames MIB #5273 - OGRE AI Testing Division
You can't win; You can't break even; You can't even quit the game.
- Layman's translation of the Laws of Thermodynamics
josh@honorablemenschen.com