Re: [nznog] [Fwd: [Computer-support] Greylisting - one day after]
Hi Russell

Russell Fulton wrote:
This might be of interest to NZNOG members -- we have just implemented grey listing for some addresses and the results have been dramatic to say the least...

Likewise, I've been using greylisting on my various domains, some of which have been receiving spam for many years, for a year or so now. The initial results were staggering, but in recent months I've started to get a trickle coming through again - looks like the scum are searching for open relays again. Still, at least *that* problem isn't as big as it once was.

Cheers
Richard
-- Richard Stevenson Freelance Unix geek 027 285 5873
Question around this - we are currently looking at implementing it, but we have three mail servers behind a load balancer. The software we're looking at is postgrey (as we use Postfix), but it uses BDB database files...

Which means each server has an individual greylisting database, and mail could potentially (worst case) be bounced three times before getting through. Has anyone solved this problem already?

Jasper

Richard wrote:
Hi Russell
Russell Fulton wrote:
This might be of interest to NZNOG members -- we have just implemented grey listing for some addresses and the results have been dramatic to say the least...
Likewise, I've been using greylisting on my various domains, some of which have been receiving spam for many years, for a year or so now. The initial results were staggering, but in recent months I've started to get a trickle coming through again - looks like the scum are searching for open relays again. Still, at least *that* problem isn't as big as it once was.
Cheers
Richard
-- Richard Stevenson Freelance Unix geek 027 285 5873
_______________________________________________ NZNOG mailing list NZNOG(a)list.waikato.ac.nz http://list.waikato.ac.nz/mailman/listinfo/nznog
Postgrey is a service, which in most cases runs on 127.0.0.1 on a port of your choice. There is nothing stopping you from binding the service to a public/private address and pointing all your postfix MTAs to the same service. This is the recommended way to deploy greylisting on email clusters ...

best regards,
truman

On 16/11/2006, at 2:08 PM, Jasper Bryant-Greene wrote:
Question around this - we are currently looking at implementing it, but we have three mail servers behind a load balancer. The software we're looking at is postgrey (as we use Postfix), but it uses BDB database files...
Which means each server has an individual greylisting database, and mail could potentially (worst case) be bounced three times before getting through. Has anyone solved this problem already?
Jasper
Richard wrote:
Hi Russell
Russell Fulton wrote:
This might be of interest to NZNOG members -- we have just implemented grey listing for some addresses and the results have been dramatic to say the least...
Likewise, I've been using greylisting on my various domains, some of which have been receiving spam for many years, for a year or so now. The initial results were staggering, but in recent months I've started to get a trickle coming through again - looks like the scum are searching for open relays again. Still, at least *that* problem isn't as big as it once was.
Cheers
Richard
-- Richard Stevenson Freelance Unix geek 027 285 5873
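The worst case raised in the question (one greylist database per server behind a load balancer) next to the single shared policy service suggested in the reply, as an added example that is not part of any post in this thread. It assumes a strict round-robin balancer, a 300 second greylist delay and a sender that retries every 600 seconds; the triplet values are constructed.

```python
import itertools


class Greylist:
    """Minimal greylist store keyed on (client_ip, sender, recipient)."""

    def __init__(self, delay=300):
        self.delay = delay        # seconds a new triplet must wait (assumed value)
        self.first_seen = {}      # triplet -> time of its first attempt

    def check(self, triplet, now):
        """Return True to accept, False to defer with a temporary 4xx."""
        first = self.first_seen.setdefault(triplet, now)
        return now - first >= self.delay


def deferrals_until_accept(stores, retry_interval=600, max_attempts=10):
    """Count the deferrals a retrying sender sees before delivery.

    stores[i] is the greylist consulted by mail server i; the balancer
    hands each new connection to the next server in turn (assumption).
    """
    # Constructed sample triplet (documentation address ranges).
    triplet = ("192.0.2.10", "sender@example.org", "rcpt@example.net")
    balancer = itertools.cycle(stores)
    for attempt in range(max_attempts):
        now = attempt * retry_interval
        if next(balancer).check(triplet, now):
            return attempt        # number of deferrals before this accept
    return None                   # sender gave up: the mail was never accepted


def per_node():
    """Three servers, each with its own database (the BDB-per-host layout)."""
    return deferrals_until_accept([Greylist(), Greylist(), Greylist()])


def shared():
    """Three servers all querying one greylist service."""
    store = Greylist()
    return deferrals_until_accept([store, store, store])


if __name__ == "__main__":
    print("per-node databases:", per_node(), "deferrals")
    print("shared service:    ", shared(), "deferral(s)")
```

With postgrey the shared case corresponds to one daemon started with `--inet=HOST:PORT` on an internal address and every Postfix node using `check_policy_service inet:HOST:PORT`. The policy port should be reachable only from the MTAs, since the policy protocol itself is unauthenticated.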
Jasper Bryant-Greene wrote:
Question around this - we are currently looking at implementing it, but we have three mail servers behind a load balancer. The software we're looking at is postgrey (as we use Postfix), but it uses BDB database files...
Which means each server has an individual greylisting database, and mail could potentially (worst case) be bounced three times before getting through. Has anyone solved this problem already?
Probably not a help for your situation, but for other sendmail users on the list, we are using milter-greylist (http://hcpnet.free.fr/milter-greylist/). It supports syncing the database amongst multiple MXes. The "database" is in memory and dumped to text file every 5 minutes. From the .conf file:
    # If you work with multiple MXs, list them with
    # peer entries to enable greylist sync among the MXs.
    #peer 192.0.2.17
    #peer 192.0.2.18

    # You may wish to use a specific local address or port for
    # syncing between MXs. Of course one of your interfaces
    # must have the address assigned. An '*' for the address
    # means any address.
    #syncaddr *
    #syncaddr * port 7689
    #syncaddr 192.0.2.2
    #syncaddr 192.0.2.2 port 9785
    #syncaddr 2001:db8::1:c3b5:123
    #syncaddr 2001:db8::1:c3b5:123 port 1234
--
Chris Edsall PGP KeyID 873A97AB
Jasper Bryant-Greene wrote:
Question around this - we are currently looking at implementing it, but we have three mail servers behind a load balancer. The software we're looking at is postgrey (as we use Postfix), but it uses BDB database files...
Which means each server has an individual greylisting database, and mail could potentially (worst case) be bounced three times before getting through. Has anyone solved this problem already?
Yes, postgrey was forked. http://sqlgrey.sourceforge.net/

--
Best Regards
Daniel Griggs
Internet Operations
FX Networks
On 16 Nov 2006 at 14:08, Jasper Bryant-Greene wrote:
Question around this - we are currently looking at implementing it, but we have three mail servers behind a load balancer. The software we're looking at is postgrey (as we use Postfix), but it uses BDB database files...
Which means each server has an individual greylisting database, and mail could potentially (worst case) be bounced three times before getting through. Has anyone solved this problem already?
What you could use for greylisting is spamd/pf, from OpenBSD (also available on FreeBSD, possibly other BSDs). You can have one or N such boxes handling the incoming smtp connections. These boxes can share their data amongst themselves (using CARP). They can redirect connections to a number of smtp servers.

University of Alberta uses this. Some stats: 3,000,000 smtp connections in 3 days. 450,000 eventual mail deliveries. Slides here: http://www.ualberta.ca/~beck/nycbug06/spamd/

I've recently deployed greylisting (on a much smaller scale). It has cut down spam dramatically. Sorry, no stats.

--
Dan Langille : Software Developer looking for work
my resume: http://www.freebsddiary.org/dan_langille.php
Would the mail administrator for NetSmart please contact me off list or ring me on 09 488 9352 regarding their postgrey config.

regards
Peter Mott
CharterMe.Travel
participants (7)
- Christopher Edsall
- Dan Langille
- Daniel
- Jasper Bryant-Greene
- Peter Mott
- Richard
- Truman Boyes