
List:       postfix-users
Subject:    Re: best greylist method
From:       SATOH Kiyoshi <satoh0 () hakuba ! jp>
Date:       2006-07-31 8:31:09
Message-ID: 20060731170339.1876.SATOH0 () hakuba ! jp

On Mon, 31 Jul 2006 08:51:02 +0100
Simon Waters <simonw@zynet.net> wrote:
Subject: Re: best greylist method

> But I don't think these things are easily comparable. For example this box 
> runs the SBL-XBL blacklist before greylisting, I dare say the database would 
> be larger if we didn't, and one could easily grow the database by storing 
> more information to do a better job, and no doubt it will grow with time.

I recommend Rgrey (S25R + greylisting), which aims at the same effect.

S25R identifies whether the client is a dynamic IP from the pattern of
the client FQDN.
Only what matches S25R gets greylisted.

Rgrey has the following benefits:
- The risk of rejecting legitimate clients becomes lower.
- The Postgrey database now contains fewer entries.


/etc/postfix/main.cf
---
smtpd_restriction_classes =
    check_greylist
check_greylist = check_policy_service inet:60000

smtpd_recipient_restrictions =
    …
    check_client_access regexp:/etc/postfix/check_client_fqdn
---

/etc/postfix/check_client_fqdn
---
/^unknown$/                                  check_greylist
/^[^\.]*[0-9][^0-9\.]+[0-9]/                 check_greylist
/^[^\.]*[0-9]{5}/                            check_greylist
/^([^\.]+\.)?[0-9][^\.]*\.[^\.]+\..+\.[a-z]/ check_greylist
/^[^\.]*[0-9]\.[^\.]*[0-9]-[0-9]/            check_greylist
/^[^\.]*[0-9]\.[^\.]*[0-9]\.[^\.]+\..+\./    check_greylist
/^(dhcp|dialup|ppp|adsl)[^\.]*[0-9]/         check_greylist
---


Study Report of an Anti-spam System with a 99% Block Rate
 -- The Selective SMTP Rejection (S25R) System --
http://www.gabacho-net.jp/en/anti-spam/anti-spam-system.html

Rgrey
http://k2net.hakuba.jp/rgrey/ (in Japanese)

A better explanation, written in English by Mr. MAEDA:
[postgrey] Hostname-based Selective Greylisting
http://lists.ee.ethz.ch/postgrey/msg01214.html


-- 
<satoh@hakuba.jp> http://d.hatena.ne.jp/stealthinu/
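
To see which clients the check_client_fqdn table in the message above would hand to greylisting, the following added example (not part of the original message or of Rgrey) runs the same seven patterns over constructed hostnames. The function names and sample hostnames are assumptions made for illustration.

```python
import re

# Patterns copied verbatim from /etc/postfix/check_client_fqdn in the message.
S25R_PATTERNS = [
    r"^unknown$",
    r"^[^\.]*[0-9][^0-9\.]+[0-9]",
    r"^[^\.]*[0-9]{5}",
    r"^([^\.]+\.)?[0-9][^\.]*\.[^\.]+\..+\.[a-z]",
    r"^[^\.]*[0-9]\.[^\.]*[0-9]-[0-9]",
    r"^[^\.]*[0-9]\.[^\.]*[0-9]\.[^\.]+\..+\.",
    r"^(dhcp|dialup|ppp|adsl)[^\.]*[0-9]",
]

# Postfix regexp: tables match case-insensitively by default.
COMPILED = [re.compile(p, re.IGNORECASE) for p in S25R_PATTERNS]


def first_match(client_name):
    """Return the first matching pattern (table order decides), or None."""
    for rx in COMPILED:
        if rx.search(client_name):
            return rx.pattern
    return None


def classify(client_name):
    """'check_greylist' if the table would fire, else None (no table match,
    so Postfix moves on to the next restriction without greylisting)."""
    return "check_greylist" if first_match(client_name) else None


# Constructed sample client names (example.* domains, not real hosts).
# Postfix reports "unknown" when no verified reverse DNS name is available.
SAMPLES = [
    "unknown",
    "mail.example.com",
    "mx1.example.com",
    "192-0-2-45.dsl.example.net",
    "host12345.example.net",
    "ppp7.example.net",
]

if __name__ == "__main__":
    for name in SAMPLES:
        print(f"{name:32} {classify(name) or '(no match)':16} {first_match(name) or ''}")
```

Running it against client names pulled from your own mail log before enabling the table shows how much traffic would be greylisted and whether any known-good relay matches a pattern.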
