Re: [toaster] updates
Bill Shupp wrote: Rick Macdougall wrote: I'm in the process of re-writing the greylist patch to allow per user whitelisting (local users) I'd be interested to see if that increases the per connection overhead on a busy system. It shouldn't too much as it's already doing three queries per connection, so one more shouldn't hurt it too much. Actually, I can probably add my per user lookup to one of the queries that already happens. as well as adding that option to my php SA user interface. After that it will be up to the user if they want to use greylisting or not. Is this user interface publicly available? Yes, it's just a stand alone interface that allows users to modify their SQL user preferences. There is also a squirrelmail plugin based on it. It's some old code that I inherited from one of the users on the SA mailing list and I've upgraded as needed to keep it working with the current versions. It does need a major re-write to support register_globals off and make it a bit more modular but seeing as it works for me in it's current form, it's down the to-do list a bit. Regards, Rick
Re: [toaster] updates
Bill Shupp wrote: Rick Macdougall wrote: Hi, Bill was my patch for the greylisting problem where smtp-auth is used included ? (I'm not even sure I submitted to the list now). Basically it would not allow clients who had used smtp auth to send mail to send mail, giving a 421 try-again later error (as is normal with the greylist patch). Yes, but it's slightly different. I did add the relayclient definition, but did NOT move the call to envelope_scanner below the chkuser code, as you had done. There's no reason to run chkuser code if we're going to defer the connection, it's not as efficient. Hi, To me I'd rather reject it out right for unknown users rather than doing 3 mysql lookups on the first attempt, then doing another 3 on the second attempt and then doing the chkusr overhead (over even another 3 and another 3, depending on who long your wait is to accept it and how often the remote server re-tries). I don't think it really matters either way unless you get a joe-job bounce spam attack, in which case your method would probably kill the server in question with lookups. Regards, Rick
