41 messages in net.sourceforge.lists.courier-usersRe: [courier-users] courier-mta and a...| From | Sent On | Attachments |
|---|---|---|
| FM | Oct 30, 2007 2:06 pm | |
| Jeff Jansen | Oct 30, 2007 9:22 pm | |
| cour...@thefreecat.org | Oct 31, 2007 4:05 am | |
| gor...@bobich.net | Oct 31, 2007 4:32 am | |
| cour...@thefreecat.org | Oct 31, 2007 5:11 am | |
| gor...@bobich.net | Oct 31, 2007 5:57 am | |
| João Vale | Oct 31, 2007 6:12 am | |
| gor...@bobich.net | Oct 31, 2007 6:24 am | |
| Arturo 'Buanzo' Busleiman | Oct 31, 2007 6:34 am | |
| gor...@bobich.net | Oct 31, 2007 7:03 am | |
| FM | Oct 31, 2007 7:24 am | |
| gor...@bobich.net | Oct 31, 2007 7:35 am | |
| Gordon Messmer | Nov 1, 2007 9:20 pm | |
| gor...@bobich.net | Nov 2, 2007 9:43 am | |
| Arturo 'Buanzo' Busleiman | Nov 2, 2007 9:50 am | |
| gor...@bobich.net | Nov 2, 2007 10:10 am | |
| Gordon Messmer | Nov 2, 2007 2:01 pm | |
| Gordan Bobic | Nov 2, 2007 2:49 pm | |
| Alessandro Vesely | Nov 3, 2007 2:44 pm | |
| Gordon Messmer | Nov 3, 2007 5:59 pm | |
| Jérôme Blion | Nov 3, 2007 6:16 pm | |
| Gordan Bobic | Nov 4, 2007 1:19 am | |
| Gordan Bobic | Nov 4, 2007 1:31 am | |
| Arturo 'Buanzo' Busleiman | Nov 4, 2007 5:15 am | |
| Arturo 'Buanzo' Busleiman | Nov 4, 2007 5:23 am | |
| Gordon Messmer | Nov 4, 2007 4:32 pm | |
| Jérôme Blion | Nov 4, 2007 4:52 pm | |
| Alessandro Vesely | Nov 4, 2007 10:40 pm | |
| Bernd Wurst | Nov 4, 2007 11:09 pm | |
| Lisa Muir | Nov 4, 2007 11:51 pm | |
| gor...@bobich.net | Nov 5, 2007 1:38 am | |
| gor...@bobich.net | Nov 5, 2007 1:47 am | |
| Lisa Muir | Nov 5, 2007 4:09 am | |
| gor...@bobich.net | Nov 5, 2007 4:41 am | |
| Lisa Muir | Nov 5, 2007 4:57 am | |
| gor...@bobich.net | Nov 5, 2007 5:36 am | |
| Harry Duncan | Nov 5, 2007 6:22 am | |
| Alessandro Vesely | Nov 5, 2007 8:16 am | |
| Alessandro Vesely | Nov 5, 2007 9:08 am | |
| Bernd Wurst | Nov 5, 2007 12:44 pm | |
| Alessandro Vesely | Nov 6, 2007 12:30 am |
| Subject: | Re: [courier-users] courier-mta and amavis-new +clamAV | |
|---|---|---|
| From: | João Vale (jva...@junifeup.pt) | |
| Date: | Oct 31, 2007 6:12:15 am | |
| List: | net.sourceforge.lists.courier-users | |
On Wed, 2007-10-31 at 12:57 +0000, gor...@bobich.net wrote:
On Wed, 31 Oct 2007, cour...@thefreecat.org wrote:
gor...@bobich.net a écrit :
Utter nonsense. Greylisting doesn't work.
Hmmm...
It falls over flat on it's face the moment it is exposed to multi-homed senders [...] There are perfectly valid reasons why one might want to run their systems with such a setup (network failure redundancy or peering arrangements).
Oh... Sure ! Though, I would say that such an (static, complicated) architecture should be quite rare for spammers (very easy to blacklist). So in *most* cases greylisting is perfectly adapted.
The point is that all such non-spamming setups (e.g. gmail) would need to be whitelisted for greylisting to work. Otherwise, greylisting will massively delay (possibly to the point of bouncing) mail from multi-homed systems.
As far as I know, SPF takes care of this. In my setup, Google, for example, bypasses greylisting because it has a valid SPF record.
If you're using greylisting, you might as well save yourself some server load
Greylisting *already* saves much server load.
and use unlisting instead.
What's this ?
Google for it. It's essentially port knocking for SMTP. For example, you only accept the TCP connection on MX3 if the sending server first touched port 25 on MX1 and MX2, in the correct order. MX1 and MX2 always reject, but MX3 selectively accepts or drops/tarpits.
You _might_ get somewhere more meaningful if you greylist by (from, to) rather than (ip, from, to), but last time I checked, most tools didn't allow for this.
That shouldn't be too big of a hack (for the one who really wants it). Did you try (just forcing all stored/compared IP addresses to 0.0.0.0 should be sufficient for a proof of concept) ?
I haven't bothered. nolisting (decoy MX records) + RBLs knocked spam on the head down to 0.1% of where it was. And the delay my mail sees is a few times the ping time from the sender, which will, if it's RFC compliant, retry the next MX until it finds the one that works. Greylisting is a paradigm that is incompatible with this approach.
Pardon my ignorance, I'm just sharing my experience : since I installed greylisting, 95% of SPAM has disappeared, period. With no extra work, just 15mn of configuration.
How much ham bounced (apart from _all_ of it getting delayed by an arbitrary amount of time)? You'll find that nolisting+RBLs approach would have likely yielded at least equivalent results with none of the drawbacks of greylisting, and taken no longer to set up. Nolisting is effectively guaranteed to yield no false positives, and RBLs reject immediately. It is often better to immediately get a bounce as with RBLs than to have the mail sit in limbo with the sender thinking it's been received.
Gordan
------------------------------------------------------------------------- This
SF.net email is sponsored by: Splunk Inc. Still grepping through log files to
find problems? Stop. Now Search log events and configuration files using AJAX
and a browser. Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________ courier-users mailing list cour...@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users