Milter-greylist

On Sat, 12 Nov 2005, Emmanuel Dreyfus wrote:
> On Fri, Nov 11, 2005 at 02:47:27PM -0600, Ken Serrine wrote:
>> To be flexible, this would all be more complicated, of course.  We would
>> want to minimize the number of LDAP lookups, I think.  So, to cover all
>> combinations of ACLs, I think we'd need options to determine if we just
>> wanted "rcpt", or "domain", etc.
>> In my case, if I only cared about "rcpt", then I wouldn't want the
>> milter doing lookups for "domain", "from", etc.
> It seems a pity to left the ability for users to greylist everything but
> some DNS domains, IP block or sender combinaison. I can understand you
> don't want to implement it now because it is of no interest for you yet,
> but it would be good to decide of a LDAP directory structure that will
> fit the complicated setup later.
> I'm not knwoledgable in LDAP, so I cannot be of a lot of help. Is it
> possible to query LDAP to retreive a whole branch of the tree? If it is
> then we could fetch a set of ACL stored for a recipient.

I think something more flexible would be to integrate lua support, so 
people can easily script support for mysql/ldap/abcxyz, with their own 
special site-specific rulesets. They can filter rcpt or domain or helo 
or any complex combination they like.

-Dan