Yahoo Groups archive

Milter-greylist

Index last updated: 2026-04-28 23:32 UTC

Thread

[RFC] RCPT stage ACL and DATA stage ACL

[RFC] RCPT stage ACL and DATA stage ACL

2006-11-23 by Emmanuel Dreyfus

The idea did pop up in an earlier message, here is a summary for comments:

Currently, our ACL are evaluated after the RCPT stage, except when the
delayedreject option is used. In that situation, they are evaluated
after the DATA stage.

The change: we make the acl and delayedreject statement deprecated (as usual:
not documented anymore, but still supported for backward compatibility), and
we ndreplace them by racl and dacl

racl statements would be ACL evaluated at the RCPT stage. 
dacl statements would be ACL evaluated at the DATA stage.

A few points:

1) The delayedreject feature could be configured as a racl/dacl mix:
racl whitelist from <>
dacl greylist from <> delay 15m

2) The rcpt clause would be forbidden in dacl statements (it would mean
nothing in a multi-recipient message)

3) dacl statement could include new clauses to filter the message body:
len_less value		match if message len is lower than value
len_more value		match if message len is bigger than value
body "string"		match if a line in body contains string
body /regexp/		match if a line in body match regexp
of course such clauses would be forbidden in racl statements


-- 
Emmanuel Dreyfus
manu@...

Re: [RFC] RCPT stage ACL and DATA stage ACL

2006-11-27 by rudeyak

--- In milter-greylist@yahoogroups.com, Emmanuel Dreyfus <manu@...> wrote:
>
> The idea did pop up in an earlier message, here is a summary for
comments:
> 
> Currently, our ACL are evaluated after the RCPT stage, except when the
> delayedreject option is used. In that situation, they are evaluated
> after the DATA stage.
> 
> The change: we make the acl and delayedreject statement deprecated
(as usual:
> not documented anymore, but still supported for backward
compatibility), and
> we ndreplace them by racl and dacl
> 
> racl statements would be ACL evaluated at the RCPT stage. 
> dacl statements would be ACL evaluated at the DATA stage.
> 

Sure seems like this would make it easy to implement the suggestions
posted to the OpenBSD dev-tech list recently (see
http://www.nabble.com/spamd-greylisters%2C-please-test-this.-subtle-but-important-change-p7492972.html).

Re: [milter-greylist] Re: [RFC] RCPT stage ACL and DATA stage ACL

2006-11-27 by manu@netbsd.org

rudeyak <rudeyak@...> wrote:

> Sure seems like this would make it easy to implement the suggestions
> posted to the OpenBSD dev-tech list recently (see
>
http://www.nabble.com/spamd-greylisters%2C-please-test-this.-subtle-but-
important-change-p7492972.html).

I'm not sure it's worth the trouble: spammers now use spyware to find
addresses. They just need a friend of you to be infected in order to get
your address.

-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu@...

Move to quarantaine

This moves the raw source file on disk only. The archive index is not changed automatically, so you still need to run a manual refresh afterward.