I may have spoken too soon. It appears now that nothing is being rejected for RBL reasons. I'll see if I can't dig deeper to find the reason.
-Marc ----- Original Message ----- From: "Marc Van Houwelingen" <[EMAIL PROTECTED]> To: "spamdyke users" <[email protected]> Sent: Thursday, April 10, 2008 8:31 PM Subject: Re: [spamdyke-users] Black/whitelists first? > Works perfectly. Thanks very much! > > -Marc > > > ----- Original Message ----- > From: "Sam Clippinger" <[EMAIL PROTECTED]> > To: "spamdyke users" <[email protected]> > Sent: Thursday, April 10, 2008 5:37 PM > Subject: Re: [spamdyke-users] Black/whitelists first? > > >> You really just need to move the DNS RBL/RHSBL tests from their current >> location (just after the initial connection) to after the recipient >> blacklist test. >> >> In version 3.1.7, all of the changes should be made in spamdyke.c. The >> DNS RBL and RHSBL tests are in two blocks, between lines 2817 and 2838, >> in run_tests() (marked with comments saying "Check DNS RBL" and "Check >> RHSBL"). You'll want to move those lines to smtp_filter(), above the >> graylist tests that start on line 1212. They'll need to be contained >> inside an "else" block at the end of the "if/elseif/elseif" sequence >> that starts on line 1165. >> >> Be sure to change the final "elseif" (the recipient blacklist test) to >> surround the "for" loop in a "{}" block. Otherwise your new "else" will >> be interpreted inside the loop instead of becoming part of the >> "if/elseif/elseif" sequence. >> >> I hope that makes sense. I could probably whip out a patch against the >> unmodified version 3.1.7 if that would be better. >> >> DISCLAIMER: Be sure to test thoroughly! I'm only looking at the code as >> I type this; I haven't even tried to compile these changes or test them >> in any way. >> >> -- Sam Clippinger >> >> Marc Van Houwelingen wrote: >>> Sounds like the new version will help me out quite a bit. >>> >>> For now, maybe I could just insert a redundant black/whitelist check >>> above >>> the RBL code? I already have a small mod of my own in there for >>> something >>> wildcard related. >>> >>> Perhaps you could just point me to the line number where I could insert >>> code >>> such that it would be read just before the RBL code? I'm happy to play >>> with >>> this myself. >>> >>> -Marc >>> >>> >>> ----- Original Message ----- >>> From: "Sam Clippinger" <[EMAIL PROTECTED]> >>> To: "spamdyke users" <[email protected]> >>> Sent: Wednesday, April 09, 2008 2:57 PM >>> Subject: Re: [spamdyke-users] Black/whitelists first? >>> >>> >>>> In the current version, you'd have to edit the source and it's not a >>>> small change. In the upcoming version, I've already reordered the >>>> tests >>>> this way. Changing the order will still require editing the source but >>>> the changes will be much smaller (I've refactored the filter code quite >>>> a bit). >>>> >>>> spamdyke checks DNS RBLs first because it tries to find a way to reject >>>> the incoming connection as quickly as possible. For example, if the >>>> connection matches a DNS RBL and you're not using sender/recipient >>>> whitelist files or SMTP AUTH, spamdyke will not start qmail at all -- >>>> it >>>> will imitate an SMTP server long enough to reject the connection. When >>>> I wrote that code, I judged it was more important to close qmail than >>>> to >>>> prevent DNS queries. Because so many spamdyke installations are using >>>> sender/recipient whitelists and SMTP AUTH, this logic has become >>>> outdated. >>>> >>>> -- Sam Clippinger >>>> >>>> Marc Van Houwelingen wrote: >>>>> I have a domain that is constantly bombarded with incoming spam. The >>>>> spam comes in by the thousands, all to random names @mydomain.com. >>>>> Spamdyke is successfully blocking all of them using >>>>> recipient-blacklist-file to block the domain and >>>>> recipient-whitelist-file to allow the 10 or 15 actual legit >>>>> exceptions. >>>>> >>>>> This works great - but the problem is Spamdyke usually rejects most of >>>>> this incoming junk for other reasons (RDNS, RBL, etc) before even >>>>> checking the blacklist file. The net result is the same of course, but >>>>> my mail server ends up having done a bunch of extra DNS/RBL lookup >>>>> work >>>>> when it could have rejected the email simply based on the recipient. >>>>> >>>>> My question is: Is there a way to make Spamdyke check the >>>>> recipient-[black|white]list-files before doing the other >>>>> resource-costly >>>>> lookups? >>>>> -Marc >>>>> >>>>> >>>>> >>>>> ------------------------------------------------------------------------ >>>>> >>>>> _______________________________________________ >>>>> spamdyke-users mailing list >>>>> [email protected] >>>>> http://www.spamdyke.org/mailman/listinfo/spamdyke-users >>>> _______________________________________________ >>>> spamdyke-users mailing list >>>> [email protected] >>>> http://www.spamdyke.org/mailman/listinfo/spamdyke-users >>>> >>> >>> _______________________________________________ >>> spamdyke-users mailing list >>> [email protected] >>> http://www.spamdyke.org/mailman/listinfo/spamdyke-users >> _______________________________________________ >> spamdyke-users mailing list >> [email protected] >> http://www.spamdyke.org/mailman/listinfo/spamdyke-users >> > > _______________________________________________ > spamdyke-users mailing list > [email protected] > http://www.spamdyke.org/mailman/listinfo/spamdyke-users > _______________________________________________ spamdyke-users mailing list [email protected] http://www.spamdyke.org/mailman/listinfo/spamdyke-users
