I'd like to share something that already works for me for about 2
months. It's extremely simple, fast and reliable:
use String::CRC32;
my $grey_spooldir = '/var/spool/MD-Greylist';
my $grey_allow = 5*60;
sub filter_recipient
{ my ($to, $from, $ip, $name, $first, $helo) = @_;
my $relay_ip = $ip;
$ip =~ s/\.\d+$//; # remove the last byte from IP addresses
my $file = $ip.$from.$to; # this is the greylist tuple file name
$file =~ s/\///g; # remove slashes from email sddresses
my $path = sprintf "$grey_spooldir/%03X", (crc32 $file)%1024;
#-d $path or mkdir $path; # create hash subdirectory when necessary
$file = "$path/$file";
if( !-f $file ) { # first attempt ==> tempfail
open TF, ">$file"; close TF;
md_syslog('info', "Tempfail $ip$from$to");
return ('TEMPFAIL', 'Please try again');
}
my $now = time;
if( !-x $file ) { # next attempt (already tempfailed) ...
my $dtime = $now - (stat _)[9];
if( $dtime >= $grey_allow ) { # ... long enough ==> greylist
& continue
chmod 0755, $file;
utime $now, $now, $file;
md_syslog('info', "Greylist $ip$from$to");
} else { # otherwise ==> tempfail again
md_syslog('info', "Tempfail (again) $ip$from$to")
return ('TEMPFAIL', 'Please try again later');
}
} else { # already greylisted ==> update & continue
utime $now, $now, $file;
md_syslog('info', "Allow (greylisted) $ip$from$to");
}
return ('CONTINUE', 'OK');
}
The above is a stripped down version of the greylisting code only. It
just creates or updates greylist entries (one empty file per entry).
There's also a cron job for cleaning any expired entries, something for
authenticated users to bypass the greylist, a whitelist per relay IP and
recipient domain, simple HELO checks, etc.
It's not a rocket science and anybody knowing perl could write it, but
if anyone is interested I could post the whole thing, it's probably just
about 2-3 times bigger than the above.
For me it handles about 3M greylist entries and so far I had no
problems. It runs on a single box together with Mimedefang/SA/Clamd
processing about 350K messages a day. Before the greylist implementation
the same box was hit by 550-600K messages a day, so the greylist
effectively stops about 30-40% of the email traffic. Some time in the
future I'm planning to share it among multilpe mimedefang machines over NFS.
Disclaimer: I'm not a perl programmer. The above code works for me, but
might not work for you and/or could have bugs. I tried to make it
efficient, but possibly it could have been written better.
Regards,
Atanas
_______________________________________________
Visit http://www.mimedefang.org and http://www.canit.ca
MIMEDefang mailing list
[EMAIL PROTECTED]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
