2008/9/7 Eric Shubert <[EMAIL PROTECTED]>: > I think I can field this one. ;) > > Davide D'AMICO wrote: >> Hi, >> I'm using spamdyke and I like it a lot. >> I encountered two problems: >> 1) Isn't more useful to graylist senders using their ip address rather >> than only its >> email address, like this: >> /var/db/spamdyke/graylist/domain/rcpt/sender/ip_sender ? > > Some large (think yahoo, gmail) mailers use server pools. Retries might be > sent from a different server, causing a message to be graylisted many times. > > Personally, I think it'd be ok to use IPs for a type of whitelist after the > IP has passed graylisting. After all, once an IP has passed for one > domain/sender, wouldn't it pass for all other domain/senders too? However, > this adds another level of complexity (a pre- and a passed- gray list, > sometimes referred to as a dual key). If this proved to be a good method, a > global whitelist service based on the post-key (simply IP address), sort of > like RBLSs but RWLs, could be implemented. I don't know if anyone's pursued > such a thing or not. Seems feasible to me though. You are right, but server pools are well known (gmail, yahoo, msn and others) and could be easily discovered and included in a whitelist. A spammer tends to use only an IP address or few ip addresses, so using a graylist method with single ip addresses could improve security.
>> 2) if I include an ip address in a whitelist, I become a relay for >> that ip address because >> that ip address bypass ALL other filters? > > No, because authentication is still required for non-local domains. Spamdyke > filters are only bypassed if/when the sender authenticates. > You are right, I think I had a problem in my configuration files. Thanks in advance, dave _______________________________________________ spamdyke-users mailing list [email protected] http://www.spamdyke.org/mailman/listinfo/spamdyke-users
