use String::CRC32;

my $grey_spooldir = '/var/spool/MD-Greylist';
my $grey_allow = 5*60;    # minimum delay in seconds before a retry is accepted

sub filter_recipient
{
    my ($to, $from, $ip, $name, $first, $helo) = @_;
    my $relay_ip = $ip;
    $ip =~ s/\.\d+$//;            # remove the last byte from IP addresses
    my $file = $ip.$from.$to;     # this is the greylist tuple file name
    $file =~ s/\///g;             # remove slashes from email addresses
    my $path = sprintf "$grey_spooldir/%03X", (crc32 $file)%1024;
    #-d $path or mkdir $path;     # create hash subdirectory when necessary
    $file = "$path/$file";
    if( !-f $file ) {             # first attempt ==> tempfail
        open TF, ">$file"; close TF;
        md_syslog('info', "Tempfail $ip$from$to");
        return ('TEMPFAIL', 'Please try again');
    }
    my $now = time;
    if( !-x $file ) {             # next attempt (already tempfailed) ...
        my $dtime = $now - (stat _)[9];
        if( $dtime >= $grey_allow ) {    # ... long enough ==> greylist & continue
            chmod 0755, $file;
            utime $now, $now, $file;
            md_syslog('info', "Greylist $ip$from$to");
        } else {                  # otherwise ==> tempfail again
            md_syslog('info', "Tempfail (again) $ip$from$to");
            return ('TEMPFAIL', 'Please try again later');
        }
    } else {                      # already greylisted ==> update & continue
        utime $now, $now, $file;
        md_syslog('info', "Allow (greylisted) $ip$from$to");
    }
    return ('CONTINUE', 'OK');
}

The above is a stripped-down version of the greylisting code only. It just creates or updates greylist entries (one empty file per entry). There's also a cron job for cleaning any expired entries, something for authenticated users to bypass the greylist, a whitelist per relay IP and recipient domain, simple HELO checks, etc.
It's not rocket science and anybody knowing Perl could write it, but if anyone is interested I could post the whole thing, it's probably just about 2-3 times bigger than the above.
For me it handles about 3M greylist entries and so far I've had no problems. It runs on a single box together with Mimedefang/SA/Clamd processing about 350K messages a day. Before the greylist implementation the same box was hit by 550-600K messages a day, so the greylist effectively stops about 30-40% of the email traffic. Some time in the future I'm planning to share it among multiple mimedefang machines over NFS.
Disclaimer: I'm not a perl programmer. The above code works for me, but might not work for you and/or could have bugs. I tried to make it efficient, but possibly it could have been written better.
Regards, Atanas
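
The post mentions a cron job that cleans expired entries but does not show it. The script below is an added example, not Atanas's code: it expires entries from the spool layout that filter_recipient writes, and the function name grey_expire, the --run switch and both age thresholds are assumptions.

```shell
#!/bin/sh
# Expiry pass for the one-empty-file-per-tuple greylist spool.
# State, as filter_recipient leaves it on disk:
#   no exec bit  = tuple was tempfailed and has not passed the greylist yet
#   exec bit set = tuple passed; mtime is the last time it was seen
# Both thresholds are assumptions for this example, not values from the post.
GREY_SPOOLDIR=${GREY_SPOOLDIR:-/var/spool/MD-Greylist}
PENDING_MAX_MIN=${PENDING_MAX_MIN:-1440}    # assumed: 1 day for never-retried tuples
PASSED_MAX_MIN=${PASSED_MAX_MIN:-50400}     # assumed: 35 days since last seen

grey_expire() {
    dir=$1
    [ -d "$dir" ] || return 1
    # Depth 2 only: entries live in the %03X hash subdirectories.
    # -type f skips symlinks, and "-exec ... {} +" passes names as arguments,
    # so odd characters in sender/recipient-derived file names are never
    # re-parsed by a shell. -perm -0100 tests the owner exec bit set by chmod 0755.
    find "$dir" -mindepth 2 -maxdepth 2 -type f ! -perm -0100 \
        -mmin +"$PENDING_MAX_MIN" -exec rm -f -- {} +
    find "$dir" -mindepth 2 -maxdepth 2 -type f -perm -0100 \
        -mmin +"$PASSED_MAX_MIN" -exec rm -f -- {} +
}

# Only touch the real spool when asked to, e.g. from cron: grey-expire.sh --run
if [ "${1:-}" = "--run" ]; then
    grey_expire "$GREY_SPOOLDIR"
fi
```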

