Sander Holthaus writes:
> Sam Varshavchik wrote:
>> Alexander Lazic writes:
>>> How about to add -greylist to couriertcpd such as -block. My opinion is that this is the right point, isn't it?
>>
>> No. couriertcpd's job is to only accept network connections. couriertcpd is protocol-independent, and has no idea if the connection will be an SMTP, IMAP, or a POP3 connection.
>
> Sam, what is your opinion on greylisting? Any specific reason why it is not included in Courier?

Because I have a job, and not enough free time to do it right. Busy mail servers may receive hundreds of connection attempts per second. Assuming a baseline of 100 connections a second, and a greylisting expiration interval of two hours -- you can't really have an effective greylisting system with a shorter expiration, because it's quite reasonable for legitimate senders to wait at least an hour to try again -- simple math will show you that your greylisting database is going to grow to the 700,000 record range.
Before I could even think of writing a single line of code, I have to figure out how to scale to a database that may potentially hold several million records, and do it in a way that allows for parallel queries -- and updates -- with negligible overhead.
And that's just for starters. Then, you need to figure out how you're going to hold whitelisted addresses.
Greylisting sounds wonderful, but only if you're a small fish that occasionally gets any mail, at all.
