On Wed, 22 Nov 2006 09:07:05 -0700, Eric "Shubes" wrote:
> Given that it'd be possible to see how long the rbl lookup takes, the
> problem becomes how to 'remember' not to use that rbl any more. As things
> presently work, each smtp session is a separate process, and there's no way
> for one instance to 'remember' what another has done. You'd need to update
> the blacklists file, and restart qmail. Not something you'd want to do from
> within rblsmtpd.
Do you mean with the timeout solution? It won't need to remember...the timeout
is applied each time a connection is made. Yes that means if there is a bad
blacklist, EVERY smtp connection will last as long as the timeout (5 seconds).
> I'm thinking that a script which would maintain the blacklists file as
> previously mentioned would still be a good thing to have, regardless if
> rblsmtpd can be patched or not.
I still think so too.
Another feature is timing the DNSRBLs and sorting them by their response
speeds, putting the fastest ones first in the blacklists control file. As I
understand it they are processed in order and if the fastest ones are queried
first blocking messages would be quicker. Not a speed up for SMTP connections
where messages do come through. Just an option.
Also this script would need to query the servers directly, so as to not be
skewed by dns caches.
An alternative version of this script is one that is run as part of the
/var/qmail/supervise/smtp/run script or integrated into qmailctl (probably the
latter is better). The blacklists control file is parsed and checked during
smtp server start/restart. If a DNSRBL is unresponsive, just display a message:
"Blacklist xxx.yyy.com not available, skipping...".
I know it seems like DBSRBLs are going up and down every day, but there should
be a lot of stability in this infrastructure as it is. Running a DNSRBL-testing
utility every hour really should *not* be necessary.
Quinn
---------------------------------------------------------------------
QmailToaster hosted by: VR Hosted <http://www.vr.org>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
