Le mer 5 juillet 2006 16:45, martin f krafft a écrit :
> also sprach Wolfgang Lonien <wolfgang@lonien.de> [2006.07.05.1519
+0200]:
> > Do we use greylisting on the @debian.org domain and especially on
> > @lists.debian.org?
> >
> > If not, then we should probably try it - for my private stuff, that
> > works just nice. The only things which still come through are spams
> > which were sent over debian.org and such, which obviously use real
> > mail servers.
>
> This has been brought up. Basically I don't think people were
> opposed to it, but there was noone available to implement it.
>
> So if you really want it, log in to the hosts, copy the exim
> configuration, implement greylisting, test it, then contact
> debian-admin@lists.d.o with patches.
the patches exists, and I already did that. the setup is in production
on alioth FWIW, thanks to raphael hertzog.
basically, on alioth the greylisting is a selective greylist: we only
use greylisting on hosts that are awkward (like listed on rbl's,
reverse IP do not resolve, ...).
greylist is inneficient if the remote host is a real smtp server, and
real smtp server likely :
- are not listed on rbl's
- uses a correct reverse dns
- ...
I had a couple of posts on the subject on my blog[1]. FWIW I also have
written a policy daemon, used with postgrey (or any other existant
greylister) called whitelister[2], in order to implement the same thing
on postfix. Configuration is pretty straightforward.
[1] http://blog.madism.org/index.php/2006/03/25/79-debianorg-and-spam
http://blog.madism.org/index.php/2006/03/28/80-debianorg-and-spam-2
http://blog.madism.org/index.php/2006/04/03/81-debianorg-and-spam-3-alioth
[2] http://packages.qa.debian.org/w/whitelister.html
http://backports.org/package.php?search=whitelister
--
·O· Pierre Habouzit
··O madcoder@debian.org
OOO http://www.madism.org
Attachment:
pgpro52gMUy1B.pgp
Description: PGP signature