[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: spam blocking engine

On Thu, 19 Dec 2002 10:17:09 -0500 Peter Varga <peter_(_dot_)_varga_(_at_)_screaminet_(_dot_)_com> wrote:

> On Thu, Dec 19, 2002 at 09:40:50AM -0500, Richard Welty wrote:
> > 
> > having thought about this a little more, i think that some facility to
> > support whitelisting would be nice, either via something like a
> berkeley db
> > file of allowed nets or a list of "whitelist" dnsbls.
> Read /usr/share/sendmail/README.
> It sounds like the access feature in sendmail.

methinks you're not paying attention to the discussion.

what theo is proposing (and apparently well along in implementing) is a
lightweight insert in front of sendmail and sendmail compatible MTAs
that would divert certain traffic into a tarpit.

i'm suggesting two things:

1) a generalized method for deciding which IPs are candidates

2) a whitelist so that we can make exceptions when needed.

the sendmail access features are nice; i happen to use exim and the exim
ACLs are nice as well. the issue is avoiding incurring the cost of forking
off yet another heavyweight MTA process.

i'm more than 1/2 ready to offer to implement an ACL interface for this
project, but theo hasn't given out all the details on what he is doing and
whether something like that would fit in (he might have written one

Richard Welty                                         rwelty_(_at_)_averillpark_(_dot_)_net
Averill Park Networking                                         518-573-7592
              Unix, Linux, IP Network Engineering, Security