| Stephen Gran on 21 Jan 2005 19:42:57 -0000 |
|
On Fri, Jan 21, 2005 at 02:11:45PM -0500, Fred K Ollinger said:
> > - Greylisting. The server sends a temporary delivery error on the first
> > attempt from any machine-from-to triplet, and lets any that is resent after a
> > few minutes through. As most of the spambots aren't running through real
> > mailservers that retry mails, this blocks most of the spam but not anything
> > coming from a legitmate server (with the exception of yahoo, which sends
> > listmail out with unique bounce addresses every time, so they have to be
> > whitelisted). This has reduced inbound spam significantly. (At least with
> > postfix, it's in the auth phase, so it's not even checking headers, so much
> > lower bandwidth usage).
>
> Does any exim wizard know this one? Is the below able to be done in exim?
> I would like to do this as it sounds like it helps a lot. I would love to
> use postfix, but for me it is just not an option for various reasons so I
> would like to get this going in exim 3.
>
> Thank-you very much.
>
> Fred
I would higly recommend moving to exim4, which can do a lot of things
vastly better than exim 3, but if you are stuck with exim 3, it may be
doable.
<digs out exim3 book>
OK, you will need to set up the following:
Some place to store your data (I recommend SQL of some sort, as flat
files will eventually get too large to work with)
A way to query that data and return a knowable string (e.g., return the
string '0' for accept and '1' for defer)
Then set up a special director, with verify_only set on it. This
director will run the query, and return defer if it gets back a 1, and
accept if it gets a 0.
I currently use a perl::DBI implementation that has a running daemon
listening on a unix socket. I query the socket with the appropriate
data, and read back the repsonse. If it is greater than zero, I defer.
Since exim3 has both a ${perl } and a queryprogram router, this stuff
should be doable. I have gotten fairly rusty with my advanced exim 3
stuff, though, so it would take some time to put together something that
would work (that and I have no exim3 systems to test on anymore).
You'll also need infrastructure around the data, e.g - some way to
expire old data, etc., but that's outside the exim scope. If the above
doesn;t get you going, let me know - I may be able to dig up some way of
doing it. But, again, I highly recommend going to exim 4 - it is well
worth it.
--
--------------------------------------------------------------------------
| Stephen Gran | Single tasking: Just Say No. |
| steve@lobefin.net | |
| http://www.lobefin.net/~steve | |
--------------------------------------------------------------------------
Attachment:
pgpw556LKK4ma.pgp ___________________________________________________________________________ Philadelphia Linux Users Group -- http://www.phillylinux.org Announcements - http://lists.phillylinux.org/mailman/listinfo/plug-announce General Discussion -- http://lists.phillylinux.org/mailman/listinfo/plug
|
|