On Fri, 2004-06-25 at 05:53, Jonas Eckerman wrote: > > (I suppose you use "MAIL FROM: <>" ;-) > > Yep. Don't want to get into a recursive loop with another server doing similar > checks. :-)
I was wondering about that possibility. > Yes, there are problems, wich is why my little test is done the way it is. I'd > rather accept too much than reject too much. It still looks like it'd give good > results though. Wouldn't this work best with a database approach similar to greylisting? That is, store the results of your tests with a count and timestamp so you don't have to repeat them often. Success should be good for a long time, rejects should start with a short life but live increasingly longer as the use count increases. This could be hooked to another table via the same database connection as the greylist and a database failure could fall over to allowing mail through so as not to break anything. > Currently I'm monitoring this stuff with a small script that compares the result of > the check to mails that are accepted. As the check looks now, it has not hit *any* > legit mail at all. Every single mail that would have been stopped by my sender check > as it looks now has been stopped by the greylist or the SA check. Of course this > means that the sender check wouldn't really help me stop more spam or virii, but it > would stop some of them at an earlier stage. You could periodically add the most frequently used bad senders into sendmail's access list with REJECT to drop them with even less work. --- Les Mikesell [EMAIL PROTECTED] _______________________________________________ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [EMAIL PROTECTED] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
