[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: greylisting on debian.org?



Le mer 5 juillet 2006 16:45, martin f krafft a écrit :
> also sprach Wolfgang Lonien <wolfgang@lonien.de> [2006.07.05.1519 
+0200]:
> > Do we use greylisting on the @debian.org domain and especially on
> > @lists.debian.org?
> >
> > If not, then we should probably try it - for my private stuff, that
> > works just nice. The only things which still come through are spams
> > which were sent over debian.org and such, which obviously use real
> > mail servers.
>
> This has been brought up. Basically I don't think people were
> opposed to it, but there was noone available to implement it.
>
> So if you really want it, log in to the hosts, copy the exim
> configuration, implement greylisting, test it, then contact
> debian-admin@lists.d.o with patches.

the patches exists, and I already did that. the setup is in production 
on alioth FWIW, thanks to raphael hertzog.

basically, on alioth the greylisting is a selective greylist: we only 
use greylisting on hosts that are awkward (like listed on rbl's, 
reverse IP do not resolve, ...).

greylist is inneficient if the remote host is a real smtp server, and 
real smtp server likely :
 - are not listed on rbl's
 - uses a correct reverse dns
 - ...

I had a couple of posts on the subject on my blog[1]. FWIW I also have 
written a policy daemon, used with postgrey (or any other existant 
greylister) called whitelister[2], in order to implement the same thing 
on postfix. Configuration is pretty straightforward.

 [1] http://blog.madism.org/index.php/2006/03/25/79-debianorg-and-spam
     http://blog.madism.org/index.php/2006/03/28/80-debianorg-and-spam-2
     http://blog.madism.org/index.php/2006/04/03/81-debianorg-and-spam-3-alioth

 [2] http://packages.qa.debian.org/w/whitelister.html
     http://backports.org/package.php?search=whitelister
-- 
·O·  Pierre Habouzit
··O                                                madcoder@debian.org
OOO                                                http://www.madism.org

Attachment: pgprCu39J8p5R.pgp
Description: PGP signature


Reply to: