On Tue, Sep 25, 2007 at 11:47:28AM +0100, Giles Westwood i wrote:
> > I think it's a bit silly to score countries in the context of what
> > policyd-weight does. It weights helo/dns/etc with scoring tuned
> > specifically
> > for it. If you add something like this to the mix, it gets pretty badly
> > off-balanced I think?
I think I've already stated that such changes (i.e. scoring by nationality,
race, sex, age, opinion, religion) will be only available as inofficial
patch which I do not host or give support for.
I also recalled that I even have troubles with scoring OS/MTAs.
People told me, that it is not up to me what to score but to give the
possibility to score. Which is partly true.
I think it is ok for people who want to setup a denial rampart stage to
implement such possibilities themselves.
Policyd-weight however does not want to be zero tolerant and a denial rampart.
Policyd-weight does only want to enforce some configuration and
does get a little help by RBLs (I've already stated, that I would love to
get rid of RBLs, too).
I admit, that the random sender check breaks this philosophy. The random
sender check may even cause false positives. However, the random sender
can be reconfigured - and the defaults score only high if DNSBL listed.
The success of viruses and phishing is not only the fault of people who
click on everything - it is more the fault of administrators who accept
any faulty configuration (permitted by RFCs). I sometimes have the feeling
that phishers and viruses point to the RFCs saying "see, look at the RFCs, you
must accept me, <nelson>Haa Haaa</nelson>" or "look at all the admins which
accept such SMTP crap even though the RFCs permit them to reject such stuff,
He He".
> My combination of postgrey and policyd with my corporate related tweaks
> works great though and we're considering removing dspam as it's hardly
> needed.
>
> I'm afraid that I use policyd unmodified on a different server with lots
> of unrelated clients but I had to set reject levels very high because
> genuine mail was rejected.
Policyd-weight is designed to enforce a even more precise MTA configuration
for dialup users. I.e. people who want to run a MTA on a dialup should
setup every piece correctly and preferably sign up for a free DynDNS MX
host. Whereas people from foreign countries do not really have a chance.
Except sign up for a different country -- which is more of a burden and not
free.
Note: I mail sometimes from home with a DUL listed dialup through ek-muc and
the home MTA must pass polw. This does only fail if I get a spamhaus listed
IP - which is resolved by reconnecting automatically.
This all does not mean that the patch is completely rejected, I haven't read
everything yet.
--
Robert Felber (PGP: 896CF30B)
Munich, Germany
____________________________________________________________
Policyd-weight Mailinglist - http://www.policyd-weight.org/
