Milter-greylist

> On Fri, Apr 20, 2007 at 01:25:14PM -0400, vn wrote:
>> Still, imho, it defeats the purpose of greylisting...what if someone
>> leaks
>> this secret?  or even the logic of the daily secret change...
>
> 	Right now,  milter-greylist is disabled for these users because
> they complain about the "delay" on "certain" (important) e-mails.
> That _truely_ does defect the purpose.   With the "secret" or "daily
> secret",
> at least greylisting is still inplace.

That seems like a poor way of whitelisting emails. And a bit odd.

> 	Besides,  if a spammer/person really wants to bypass greylisting,
> it's not that hard.    :)  I'm still looking into the urlcheck feature.
> How bout this,  I'm implement it (or something similar) and report back.

If you want to use the same whitelist algorithm on your site it's really
easy. You can just us the urlcheck from my site since it's a public page.

That should do fine for testing.

Make sure to compile a current CVS or 4.0a2.

Then put into your greylist.conf
-----
# Use Url check to accept mail from valid MX hosts without delay
urlcheck "mxhostcheck"
"https://webmail.coltex.nl/spam/mxhostcheck.php?domain=%sf&ip=%i&fuzz=22&delay=900"
5
acl whitelist urlcheck "mxhostcheck"
-----

If you put that in, all mail from valid mail configurations will be
accepted. Then trawl the /var/log/mail/mail.log for "X-Greylist: URL check
passed" and check if the domains you require are matched by the page.

To give you an idea of what it does, this graph might explain it a bit.
http://localtoast.coltex.nl/spam/index.php

Cheers,

Seth