trying to greylist only

john crawford jmc-dcc@sociology.osu.edu
Mon May 8 01:29:14 UTC 2006


At 06:49 PM 5/7/2006, Vernon Schryver wrote:
> > From: john crawford
>
> > In testing, I'm getting dcc server bulkiness lookups
> > when I'm trying to ONLY use greylisting functionality with grey-query.
> > So if a message meets reject criterion (like, perhaps, MANY),  I'll not
> > greylist reject if the . Since I
> > have grey-query on the dccifd invocation text, I expect only
> > greylisting to be active.
> > as in
> > " body no-reject rcvd-nxt grey-query"
> > I have
> > GREY_CLIENT_ARGS=IPmask/24
> > GREY_ENABLE=ON
> >
> > I'm hoping to test implement grey-query with the local grey server
> > referenced, yet suppress network dcc server lookups. I'm missing
> > something.
>
>I understand neither the goal nor what undesirable things are happening.
>Qeury-only greylisting is unlikely to be of any use except for testing
>and diagnosing problems.  Greylist embargoes can never end with grey-query,
>because "query" implies "don't change the database," and that implies
>not adding the records that say when the embargo started.  With query-only,
>every message will be met with an "embargo #1"
>
>With the normal settings, greylisting (i.e. 4yz rejection) is done only
>if the message is not determined to be spam by other tests including
>the normal DCC threshold (e.g. MANY).

Vernon, Thank you for the reply.

My goal was to allow the greylist algorithm to stop spammer messages based
on machines that don't retry. It wasn't my goal to permit messages 
that came from
these same machines, yet tested as bulk, to be accepted. I wanted to
use (test) your greylisting functionality independently of dcc metric 
functionality.

I made some changes based on your comments and have
desirable results.  I was misunderstanding some of the docs.
I had interpreted
grey-query: only query the greylist server for this message.

to mean "don't query a dcc server for this message, only a greylist server"

rather than

"for this message query but don't update the greylist server state"

The per user whiteclnt "option dcc-off" which you highlighted
does, in fact, contribute to what I was hoping to achieve.


>The scripts in /var/dcc/cgi-bin are a proof-of-concept CGI interface that
>allow users to monitor their log files and maintain their whiteclnt files.

Yes, I have been using them and they are a helpful tool for my
testing.

Thanks.
John



>Vernon Schryver    vjs@rhyolite.com
>_______________________________________________
>DCC mailing list      DCC@rhyolite.com
>http://www.rhyolite.com/mailman/listinfo/dcc




More information about the DCC mailing list

Contact vjs@rhyolite.com by mail or use the form.