On Tue, Nov 15, 2005 at 03:07:36PM -0500, Mark Bucciarelli wrote:
> On Tue, Nov 15, 2005 at 09:59:44AM -0800, Steve Jacobson wrote:
>
> > So, does anyone have a good greylisting plugin for Courier already
> > developed and ready to share?
>
> mta-independent, pf-based: http://www.bsdcan.org/2005/activity.php?id=63
>
Here's a link to the original BSDCan presentation [1].
The more I read about this, the better it looks. :)
Summary:
- tar pit (1 byte/sec, TCP Windows size=1 response to blacklisted host)
- greylisting
- greytrapping (spamtrap addresses greylisted hosts cannot mail to)
- initial ten second stutter (to greylisted connections) then full
speed
- efficient:
- author's site services 1 million smtp connections/day,
- spamd creates 50,000 to 70,000 greylist tuples every four hours,
- there are 120,000 entries in whitelist
- spamd + pf run on a 1U Dell Power Edge 1650 (stock: PIII 1.3
GHz, 512 MB RAM)
- previous approach (sendmail milter w/ mysql) brought a "beefy
box to it's knees."
- approx 60% reduction in smtp sessions
- secure (author is part of openbsd project. Also, the postfix
greylisting logic had a remote exploit at some point.)
- simple cluster (pf can use "round robin" redirect to send whitelisted
connections to a cluster of mail procesors)
The thought of sending 1 byte per second to spammers makes me very
happy. Unfortunately, spammers are smart and now disconnect more
quickly--the stuttering was implemented to try and still give them
some pain.
m
[1] http://www.openbsd.org/papers/bsdcan05-spamd/
-------------------------------------------------------
This SF.Net email is sponsored by the JBoss Inc. Get Certified Today
Register for a JBoss Training Course. Free Certification Exam
for All Training Attendees Through End of 2005. For more info visit:
http://ads.osdn.com/?ad_id=7628&alloc_id=16845&op=click
_______________________________________________
courier-users mailing list
[email protected]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
