Lawren Quigley-Jones <lawrenqj@...> wrote:

> I haven't given it a whole lot of thought, but the problem with the rcpt
> list is that poprelayd whitelists the entire IP not just for a given
> username. I think it would get complicated.

Well the idea to merge poprelayd with ACL is to tell milter-greylist to check poprelayd only for some users (or IP, or whatever the ACL allows).

For now we have an addr keyword to match an IP against the ACL argument:

    acl whitelist addr 10.0.0.8/24 rcpt toto@...

We could have lines like this:

    acl whitelist addr bdb "/foo/bar.db" rcpt toto@toto.com

This would tell milter-greylist to whitelist if the sender IP address is in DB file "/foo/bar" and recipient is toto@...

While we are there, we could also have flat files:

    acl whitelist addr file "/foo/bar.txt" rcpt toto@...

And we could do it for other keywords:

    acl whitelist rcpt file "recipients.txt"

And we could also have support for checking against a DNSRBL:

    acl greylist addr dns "dnsrbl.example.net"

Of course in order to get decent performance, we should build a list of external config sources (bdb, file...) when parsing the ACL, and check addr, domain, rcpt and from against all the sources before evaluating the ACL.

That's a rather intrusive change. I'm OK to work on it, but I'd like feedback from other users for the design.

-- 
Emmanuel Dreyfus
A book in French about BSD:
http://www.eyrolles.com/Informatique/Livre/9782212114638/livre-bsd.php
manu@netbsd.org
Message
external config source and ACL
2006-01-11 by manu@netbsd.org
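A sketch of the design proposed in the message above, added here as an illustration; it is not milter-greylist code and not part of the original post. The `addr file` / `rcpt file` clauses follow the proposed syntax, while the in-memory `SOURCES` table, the example.org recipients and the greylist fallback are assumptions.

```python
import ipaddress
import shlex

# Constructed stand-ins for the external sources; contents are made up.
SOURCES = {("file", "/foo/bar.txt"): {"192.0.2.10", "192.0.2.11"},
           ("file", "recipients.txt"): {"alice@example.org"}}
# ACL in the syntax proposed in the message; recipients are constructed.
ACL_TEXT = '''
acl whitelist addr file "/foo/bar.txt" rcpt bob@example.org
acl whitelist addr file "/foo/bar.txt" rcpt carol@example.org
acl whitelist rcpt file "recipients.txt"
acl whitelist addr 10.0.0.8/24
'''

def parse_acl(text):
    """Return (rules, sources); sources is each distinct external (kind, path)."""
    rules, sources = [], set()
    for line in text.strip().splitlines():
        tok = shlex.split(line)
        action, clauses, i = tok[1], [], 2
        while i < len(tok):
            keyword = tok[i]
            if i + 2 < len(tok) and tok[i + 1] in ("file", "bdb"):
                kind, arg, i = tok[i + 1], tok[i + 2], i + 3
                sources.add((kind, arg))  # remembered at parse time
            else:
                kind, arg, i = "literal", tok[i + 1], i + 2
            clauses.append((keyword, kind, arg))
        rules.append((action, clauses))
    return rules, sources

def matches(clause, hits, addr, rcpt):
    keyword, kind, arg = clause
    if kind != "literal":
        return hits[(kind, arg)][keyword]  # answer fetched before evaluation
    if keyword == "addr":
        return ipaddress.ip_address(addr) in ipaddress.ip_network(arg, strict=False)
    return rcpt == arg

def decide(addr, rcpt, acl_text=ACL_TEXT):
    rules, sources = parse_acl(acl_text)
    hits = {}
    for s in sources:  # one query per source per message, however many rules use it
        members = SOURCES[s]
        hits[s] = {"addr": addr in members, "rcpt": rcpt in members}
    for action, clauses in rules:  # first matching rule wins
        if all(matches(c, hits, addr, rcpt) for c in clauses):
            return action
    return "greylist"  # assumed fallback when no rule matches
```

An address listed in the relay file is whitelisted only for the recipients named on the same ACL line, which addresses the quoted concern that poprelayd otherwise whitelists the entire IP.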