|Flavio Stanchina||Nov 22, 2009 7:40 am|
|Subject:||[courier-users] Courier pythonfilter and whitelisting|
|From:||Flavio Stanchina (flav...@ies.it)|
|Date:||Nov 22, 2009 7:40:44 am|
First, apologies for sending a draft of this message that I had just started editing. Please ignore that.
Now for the real stuff: I recently installed pythonfilter for its greylisting abilities, and it's doing its job extremely well on a couple of servers. Many thanks to those who invented greylisting and those who implemented pythonfilter! ;)
I have some thoughts and questions for you. First, about auto_whitelist. Initially I enabled it, but I noticed a rather serious drawback: these days, it's common to receive spam with the sender's address set to yourself or some other username in your domain, so if you email yourself (which I sometimes do) or a colleague and have auto_whitelist enabled, you'll also open the door to some spam. Is there any way to avoid that?
Then, about virus filtering. I think that using clamav before greylisting, as suggested in the default configuration, is not the best course of action because greylisting will hopefully keep most viruses out without having to look at the message contents.
However, pythonfilter's architecture is such that if a filter accepts a message, then all the following filters will be skipped. I'm of course using various whitelisting modules before greylisting, so whitelisted messages will skip clamav altogether if I place it after greylisting. While I do not expect to receive viruses from most of the addresses I have whitelisted, being paranoid doesn't hurt.
Therefore, I'd like to have whitelists apply only to greylisting and clamav apply to everything that has not been rejected alright by greylist (or whatever other filter I might place before clamav). In pseudocode, that would be something like:
if (!whitelist_relayclients && !whitelist_auth && !whitelist_block) greylist;
Can this be done with the current pythonfilter? As a workaround, could I run two pythonfilter instances, one for the greylisting and the other running the clamav filter?
I'd be happy to write some code to implement, uh, let's call it "nonlinear" filtering, but I would definitely want Gordon's and others' opinion on how to do it properly.
-- Flavio Stanchina Informatica e Servizi Trento - Italy
Those who do not understand Unix are condemned to reinvent it, poorly. -- Henry Spencer
------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july
_______________________________________________ courier-users mailing list cour...@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users