Robert Felber
Mon, 14 Jan 2008 10:17:31 -0800
On Mon, Jan 14, 2008 at 05:37:52PM +0100, fili wrote: > > Okay, I've installed the testing version of Policyd-weight from the Debian > repository's. > > #/usr/sbin/policyd-weight -v > policyd-weight version: 0.1.14 beta-5, CacheVer: 5 > Perl version: 5.008008 > Net::DNS version: 0.59 > OS: Linux 2.6.18-5-686 > > The RC: restriction class feature now works like a charm. > However, there seems to be a problem with the thing I'm trying to do. > > Let me try and explain: > - A client connects to port 25 > - Policyd-weight determines that this client appears on too many RBLs and > returns 'rc:greylist' > - Postgrey takes over and will greylist the client > > So far so good, but then: > - Client appears to be legitimate and retries the connection after a waiting > period > - Policyd-weight recognizes this client as one it rejected a while back and > returns '550 temporarily blocked because of > previous errors - retrying too fast'
Ok, a bug. Fixing appears troublesome (breaks lowest-resource-usage-policy).
Not certain whether requests which will be answered with 'rc:' should
generally not be cached (this wouldn't break cache-resources).
> Does anybody know how to completly disable the built-in cache of
> Policyd-weight?
> I've already set $NTIME = 0; without luck.
$CACHESIZE=0;
--
Robert Felber (PGP: 896CF30B)
Munich, Germany
____________________________________________________________
Policyd-weight Mailinglist - http://www.policyd-weight.org/