I've begun testing a Courier filter that implements dial-back address authentication, and I'd like to offer it for testing and discussion. It can be found here:

http://phantom.dragonsdawn.net/~gordon/courier-patches/courier-pythonfilter/

pythonfilter.py implements the Courier filtering mechanism for python filters. It should be installed in /usr/lib/courier/libexec/filters. Before starting the filter, create the directory /usr/lib/courier/libexec/filters/python-filter/ for the filter modules.

dialback.py requires the python DNS module, and by extension, python 2. pydns packages are included at the above location for Red Hat Linux 7.3 and 9. If your platform's /usr/bin/python is not python 2, then you'll need to change the shebang to the path of your python 2 binary. Install this module in the "python-filter" directory.

Use "filterctl start pythonfilter.py" to start the python filter. Errors and status will be logged in the maillog.

The dialback module does fairly simple processing: it reads the sender from the first line of the first control file. It breaks that into user / domain parts. DNS is checked for MX records for the domain, and the A record if none are found. Each of those hosts is contacted and an attempt is made to validate the user. Processing stops when a 250 or 5XX code is given by the remote server, or when none are left to contact. If none respond, or all respond with 4XX codes, a 4XX code will be given back to the sender; the message will be deferred by the remote server. If a 5XX code is given by one of the authenticating servers, a 5XX code will be given by Courier to the sending server. The message will be accepted if one of the authenticating servers gives a 250 code.

I'd like to run this on a couple of servers and see if it does any good at all. Some of the most abused servers will give a positive response to any address they're asked about (with either VRFY or RCPT commands).

Are there any services that will give different responses to those two commands?

The filter includes a sender cache, kept in memory. I haven't added the expiration loop yet, so this cache will grow without bounds. I doubt anyone's going to put this on a server with enough volume to cause a problem, but that'll be complete later today or tomorrow.

I guess what I'd like to know is:
* How often does this filter reject spam, in practice?
* Are there any servers that will give a different reply to RCPT than they do to VRFY?
* Should a GDBM file be used rather than an in-memory dictionary?


Appreciate feedback. Thanks.
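The following is an added example, not part of the original post and not the code of dialback.py: a sketch of the verdict logic described above (stop at the first 250 or 5XX, defer otherwise) together with a sender cache whose entries expire. The names `SenderCache`, `dialback`, `resolve_hosts` and `probe`, the representative codes 450/550, the choice not to cache deferrals, and the choice to pass senders that do not parse as user@domain are all assumptions; the host names are constructed.

```python
import time

ACCEPT, DEFER, REJECT = 250, 450, 550   # representative codes (assumed values)

class SenderCache:
    """In-memory verdict cache; entries expire after ttl seconds."""
    def __init__(self, ttl=3600, clock=time.time):
        self.ttl, self.clock, self.entries = ttl, clock, {}

    def get(self, sender):
        hit = self.entries.get(sender)
        if hit and self.clock() - hit[1] < self.ttl:
            return hit[0]
        self.entries.pop(sender, None)      # expired or absent
        return None

    def put(self, sender, verdict):
        self.entries[sender] = (verdict, self.clock())

    def purge(self):                        # run periodically to bound memory use
        now = self.clock()
        self.entries = {s: e for s, e in self.entries.items() if now - e[1] < self.ttl}

def dialback(sender, resolve_hosts, probe, cache):
    """Verdict for an envelope sender.

    resolve_hosts(domain) -> hosts to try (MX hosts, else the A record)
    probe(host, sender)   -> SMTP reply code, or None if the host did not answer
    """
    cached = cache.get(sender)
    if cached is not None:
        return cached
    user, sep, domain = sender.rpartition("@")
    if not (sep and user and domain):
        return ACCEPT                       # assumption: nothing to verify, e.g. null sender
    verdict = DEFER                         # no answer, or only 4XX answers
    for host in resolve_hosts(domain):
        code = probe(host, sender)
        if code == 250:
            verdict = ACCEPT
            break
        if code is not None and 500 <= code <= 599:
            verdict = REJECT
            break
    if verdict != DEFER:                    # assumption: temporary failures are not cached
        cache.put(sender, verdict)
    return verdict

# Constructed sample: two MX hosts, the first defers, the second accepts.
_replies = {"mx1.example.net": 451, "mx2.example.net": 250}
demo = dialback("user@example.net", lambda d: sorted(_replies), lambda h, s: _replies[h], SenderCache())
```

Because the hooks are injected, the same logic can be exercised against recorded reply codes before the filter is pointed at live mail.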

_______________________________________________
courier-users mailing list
https://lists.sourceforge.net/lists/listinfo/courier-users