Maintaining a whitelist

Gustav Foseid gustavf-dcc@initio.no
Fri Jul 20 11:56:02 UTC 2001


Vernon Schryver:
> > I am interested in other peoples experiences with building whitelists.
> 
> I think avoiding false positives is more important than preventing
> false nagatives.  It is better to pass spam than to reject legitimate
> mail.  There are at least two ways to do that with the DCC:
> 
>   1. only insert the headers and let end users do any rejecting using
>     procmail or other tools.

This might work with "users" that know what a header is, with "lusers" the
story is completely different.

>   2. use the To: whitelist mechanism in dccm.  Mail sent to white-listed
>     targets is passed regardless of the DCC counts.  Perhaps use `dccm -W`
>     and "OK2" entries to cause only addresses explicitly listed to be
>     affected.  (sheesh!--who wrote and proofread the description of -W?)

This could be a solution. I will see how much time I have to write a client
that will work for me (I am using mostly Postfix, but also Qmail at some
sites).

> Perhaps I need to change how dccm treates mail addressed simultaneously
> to white-listed and unlisted addressees.  Currently, the message
> is rejected, discarded, or delivered to all addressees.  I've resisted
> doing this, because it requires that dccm record the addressees at
> the start of the SMTP transaction and at the end remove those who should
> not receive the message.  It is also not clear what SMTP reply status
> I should generate for a message that is partly delivered.
> What do you think?

I don't know very much about milter, but there is only one way to handle
this, taht I can see. The message must be accepted with "250 OK" and a
bounce message must be sent reporting a delivery failure to each of the
recipients that did not receive the e-mail.

-- 
Gustav Foseid, Initio IT-løsninger AS
gustavf@initio.no



More information about the DCC mailing list

Contact vjs@rhyolite.com by mail or use the form.