You really just need to move the DNS RBL/RHSBL tests from their current
location (just after the initial connection) to after the recipient
blacklist test.
In version 3.1.7, all of the changes should be made in spamdyke.c. The
DNS RBL and RHSBL tests are in two blocks, between lines 2817 and 2838,
in run_tests() (marked with comments saying "Check DNS RBL" and "Check
RHSBL"). You'll want to move those lines to smtp_filter(), above the
graylist tests that start on line 1212. They'll need to be contained
inside an "else" block at the end of the "if/elseif/elseif" sequence
that starts on line 1165.
Be sure to change the final "elseif" (the recipient blacklist test) to
surround the "for" loop in a "{}" block. Otherwise your new "else" will
be interpreted inside the loop instead of becoming part of the
"if/elseif/elseif" sequence.
I hope that makes sense. I could probably whip out a patch against the
unmodified version 3.1.7 if that would be better.
DISCLAIMER: Be sure to test thoroughly! I'm only looking at the code as
I type this; I haven't even tried to compile these changes or test them
in any way.
-- Sam Clippinger
Marc Van Houwelingen wrote:
> Sounds like the new version will help me out quite a bit.
>
> For now, maybe I could just insert a redundant black/whitelist check above
> the RBL code? I already have a small mod of my own in there for something
> wildcard related.
>
> Perhaps you could just point me to the line number where I could insert code
> such that it would be read just before the RBL code? I'm happy to play with
> this myself.
>
> -Marc
>
>
> ----- Original Message -----
> From: "Sam Clippinger" <[EMAIL PROTECTED]>
> To: "spamdyke users" <[email protected]>
> Sent: Wednesday, April 09, 2008 2:57 PM
> Subject: Re: [spamdyke-users] Black/whitelists first?
>
>
>> In the current version, you'd have to edit the source and it's not a
>> small change. In the upcoming version, I've already reordered the tests
>> this way. Changing the order will still require editing the source but
>> the changes will be much smaller (I've refactored the filter code quite
>> a bit).
>>
>> spamdyke checks DNS RBLs first because it tries to find a way to reject
>> the incoming connection as quickly as possible. For example, if the
>> connection matches a DNS RBL and you're not using sender/recipient
>> whitelist files or SMTP AUTH, spamdyke will not start qmail at all -- it
>> will imitate an SMTP server long enough to reject the connection. When
>> I wrote that code, I judged it was more important to close qmail than to
>> prevent DNS queries. Because so many spamdyke installations are using
>> sender/recipient whitelists and SMTP AUTH, this logic has become outdated.
>>
>> -- Sam Clippinger
>>
>> Marc Van Houwelingen wrote:
>>> I have a domain that is constantly bombarded with incoming spam. The
>>> spam comes in by the thousands, all to random names @mydomain.com.
>>> Spamdyke is successfully blocking all of them using
>>> recipient-blacklist-file to block the domain and
>>> recipient-whitelist-file to allow the 10 or 15 actual legit exceptions.
>>>
>>> This works great - but the problem is Spamdyke usually rejects most of
>>> this incoming junk for other reasons (RDNS, RBL, etc) before even
>>> checking the blacklist file. The net result is the same of course, but
>>> my mail server ends up having done a bunch of extra DNS/RBL lookup work
>>> when it could have rejected the email simply based on the recipient.
>>>
>>> My question is: Is there a way to make Spamdyke check the
>>> recipient-[black|white]list-files before doing the other resource-costly
>>> lookups?
>>> -Marc
>>>
>>>
>>>
>>> ------------------------------------------------------------------------
>>>
>>> _______________________________________________
>>> spamdyke-users mailing list
>>> [email protected]
>>> http://www.spamdyke.org/mailman/listinfo/spamdyke-users
>> _______________________________________________
>> spamdyke-users mailing list
>> [email protected]
>> http://www.spamdyke.org/mailman/listinfo/spamdyke-users
>>
>
> _______________________________________________
> spamdyke-users mailing list
> [email protected]
> http://www.spamdyke.org/mailman/listinfo/spamdyke-users
_______________________________________________
spamdyke-users mailing list
[email protected]
http://www.spamdyke.org/mailman/listinfo/spamdyke-users
