Milter-greylist

Oliver Fromme wrote:
> manu@... <mailto:manu%40netbsd.org> wrote:
>  > Oliver Fromme wrote:

>  > If you call a local executable, you fork a process on each query.
> 
> Not necessarily. A single process could handle multiple
> queries (i.e. read one query from stdin, write result to
> stdout), and it only needs to be restarted if it terminates
> for some reason.

There is another aspect you need to consider. Security.

When you call out the urlcheck against your "authentication" source 
there is no actual authentication information sent across the network.

With the urlcheck facility the authentication is processed on the local 
host which then decides to whitelist greylist or whatever.

And in the case of my urlcheck against a https site the end-to-end 
transport is secure as well. This against running a local binary which 
then authenticates against a remote source (ldap) without encryption.
Which then quite possibly communicates authentication information or 
user information unencrypted.

Think Big.

Just my 2 cents.

Cheers,

Seth