Hugo Monteiro wrote:
> Hello list,
>
> Recently i've been receiving quite a lot of spam, from different places,
> with a common denominator. The helo presented by the connecting "server"
> is in the form of SPK<number>.localdomain. This is most likely caused by
> infected workstations, although i am using greylisting also.
>
> I was wondering if i used a wildcard like %.localdomain, in the
> blacklist_helo table, my policyd v1 server would take care of business.
>
> Thank you all in advance.
>
> Hugo Monteiro.
>
>
Looks like it's a no go. I decided to take a quick look at the code
(v1.80), and i was wondering if changing the query build line in
blacklist_helo.c from
snprintf(mysqlquery_array[fd], 512,
"SELECT COUNT(_helo) FROM blacklist_helo WHERE _helo='%s'",
triplet_array[fd][5]);
to
snprintf(mysqlquery_array[fd], 512,
"SELECT COUNT(_helo) FROM blacklist_helo WHERE '%s' LIKE _helo",
triplet_array[fd][5]);
would cause significant performance issues.
Regards,
Hugo Monteiro.
--
ci.fct.unl.pt:~# cat .signature
Hugo Monteiro
Email : [EMAIL PROTECTED]
Telefone : +351 212948300 Ext.15307
Centro de Informática
Faculdade de Ciências e Tecnologia da
Universidade Nova de Lisboa
Quinta da Torre 2829-516 Caparica Portugal
Telefone: +351 212948596 Fax: +351 212948548
www.ci.fct.unl.pt [EMAIL PROTECTED]
ci.fct.unl.pt:~# _
-------------------------------------------------------------------------
Check out the new SourceForge.net Marketplace.
It's the best place to buy or sell services for
just about anything Open Source.
http://sourceforge.net/services/buy/index.php
_______________________________________________
policyd-users mailing list
policyd-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/policyd-users
