Milter-greylist

Hello

Here is our 3rd release candidate for milter-greylist.

http://ftp.espci.fr/pub/milter-greylist/milter-greylist-2.0rc3.tgz
MD5 (milter-greylist-2.0rc3.tgz) = 5335112c5150dd1b1095f259e69e4da2

Please report any remaining problem. If nothing is reported within 2
weeks, I'll turn it into 2.0.

-- 
Emmanuel Dreyfus
Un bouquin en français sur BSD:
http://www.eyrolles.com/Informatique/Livre/9782212114638/livre-bsd.php
manu@...

Hi, I ve done some more polishing for the 2.0 release candidate, this time in greylist.conf. I ll attach the modified version. There are no functional

Martin Paul <martin@...> writes:

>   - Added some changes from the new version of the list of broken MTAs at
>     http://cvs.puremagic.com/viewcvs/greylisting/schema/

Hello,

I recently discovered those new yahoogroups MTA:

addr 216.155.201.59     #Yahoo groups
addr 216.155.201.60
addr 216.155.201.61
addr 216.155.201.62
addr 216.155.201.63
addr 216.155.201.64
addr 216.155.201.65
addr 216.155.201.66
addr 216.155.201.67
addr 216.155.201.68
addr 216.155.201.69
addr 216.155.201.70


No way to describe as a subnet :-/

On Wed, 8 Jun 2005, Cyril Guibourg wrote:
> addr 216.155.201.59     #Yahoo groups
> ...
> addr 216.155.201.70
> No way to describe as a subnet :-/

Maybe an option to describe a range? eg

addr 216.155.201.59-216.155.201.70

-Dan

>> addr 216.155.201.59     #Yahoo groups
>> ...
>> addr 216.155.201.70
>> No way to describe as a subnet :-/
>
>Maybe an option to describe a range? eg
>
>addr 216.155.201.59-216.155.201.70
>
>-Dan

Or maybe nmap-like: 

addr 216.155.201.59-70

/P

Cyril Guibourg <cg+milter-greylist@...> wrote:

> No way to describe as a subnet :-/

It would probably make sense to have a DNS reverse whitelist of broken
MTA to have this centralized.

-- 
Emmanuel Dreyfus
Un bouquin en français sur BSD:
http://www.eyrolles.com/Informatique/Livre/9782212114638/livre-bsd.php
manu@...

> I recently discovered those new yahoogroups MTA:
> 
> addr 216.155.201.59     #Yahoo groups
> ... 
> 
> No way to describe as a subnet :-/

I allow yahoo mails via "acl whitelist domain .yahoo.com" for quite
some time now, and couldn't see any ill effects (ie. spam from
machines under .yahoo.com). Could be a workaround.

Allowing the specification of IP ranges would probably be nice
to have, and of course a DNS based list of broken MTAs as manu
suggested would be the perfect solution - just needs somebody
to maintain it, and defining "broken" could be argued - is it
just MTAs which never re-send, those which use different from
addresses for each re-try, or also those that need a long time
for the re-send. Not sure if a global whitelist would fit 
anyone.

My setup is rather liberal, with subnetmatch /24 and a long
whitelist (I tend to put whole domains there if I see multiple
auto-whitelisted entries from certain domains/IP-ranges). This
doesn't result in more spam slipping through.

mp.

manu@... writes:

> It would probably make sense to have a DNS reverse whitelist of broken
> MTA to have this centralized.

Yes it makes sense. However, I've checked again my logs and it turns that most of
those MTAs I can see do resend queued messages.

I would bet that the list of IP addrs I provided doesn't contain any broken MTA.
I apologize for this confusion due to to fast lookups into log files.