On 5/17/05 12:53 PM, "Jaye Mathisen" <[EMAIL PROTECTED]> wrote:
> I've been reading on greylisting, and thinking about integrating > it. > > However, one question sticks in my head, if you authenticate auser via > some SMTP-AUTH method, then is grey-listing bypassed? Not an issue here, as the Exim instances that customers talk to are separate from the MX that the world talks to. > > I was also thinking about going to really short intervals. Like 5 minutes. We use a Python daemon we wrote here (which tracks using a MySQL database). Exim gets a simple ACCEPT or DEFER back from the daemon, and acts accordingly. (Mostly at RCTP TO: time, but we defer the <> sender and some others to DATA time for greylisting (to avoid issues with those doing callbacks), and we have whitelisting in a database with fairly fine-grained control (not quite fine enough, unfortunately)). Keeps a lot of messages out of our system (including the new Sober), and the drivel that the machines infected with the new Sober are now spewing out. A process runs every 5 minutes to clean up the database. The separate daemon is much easier than trying to make Exim make the decisions. --John -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
