The RHSBL filter checks rDNS names and sender addresses, not recipient addresses. It also produces permanent rejection codes, not temporary ones. If you're seeing the same sender rejected repeatedly, it's because the remote server is sending repeatedly.
Also, spamdyke should be disconnecting (and killing) qmail as soon as the blacklisted sender is given (depending on your configuration -- if you're using a recipient whitelist, qmail is disconnected after the RCPT command). After that, all SMTP traffic is answered by spamdyke (with rejection codes). So at least for that short time, spamdyke is saving resources. However, with regard to blacklisted recipients, the reason spamdyke runs its filters before passing the RCPT command to qmail is because there may be multiple recipients. Once a recipient has been passed to qmail, it cannot be removed. Passing the RCPT command just to check the status code would effectively defeat spamdyke. For example, imagine an unpatched qmail server. The remote server names a blacklisted recipient, spamdyke passes it to qmail, checks the status code, then sends a rejection to the remote server. Then the remote server names a second recipient that is not blacklisted. spamdyke must allow the message to pass through because the second recipient is legitimate. However, because the first recipient was already sent to qmail, that recipient will also receive the message. -- Sam Clippinger Andras Korn wrote: > Hi, > > since I installed spamdyke my logs are inundated with messages like this > one: > > DENIED_RHSBL_MATCH from: [EMAIL PROTECTED] to: [EMAIL PROTECTED] origin_ip: > 85.179.173.120 origin_rdns: e179173120.adsl.alicedsl.de auth: (unknown) > > The recipient address is bogus and my (patched) qmail-smtpd would reject it > permanently. Apparently, since it matches a RHSBL, spamdyke rejects the > message temporarily, and the same client keeps trying for a while, always > costing me some resources. > > I think this is wasteful; it would be better to only do the RHSBL lookup > after the backend qmail-smtpd accepted the recipient address. If the > backend qmail-smtpd throws a permanent rejection, spamdyke could just pass > it on to the client. > > Andras > _______________________________________________ spamdyke-users mailing list [email protected] http://www.spamdyke.org/mailman/listinfo/spamdyke-users
