Milter-greylist

I've been requested by some people to have milter greylist automatically 
add address book names to its whitelist.  Since I don't have access to 
client address books on my server, I'm planning on scanning IMAP 
databases for addresses.  Any address that appears in a sent folder or 
in a receipt folder other than Junk for longer than a few days will get 
added to a whitelist in greylist.conf. 

Is there an easier way to do this?

Also, I currently don't use SPF whitelisting.  Maybe that will waylay 
the need for complex whitelisting. I want to use it, but haven't gotten 
to updating yet.  I've read that it only has 10% to 20% adoption, so it 
may not give me such a big benefit, other than being part of the cause I 
guess.

Thanks.

JMHO, but I enabled spf about 2 months ago, and it appears that a much  
higher percentage of spammers are using SPF now.

Yes, it alleviates the delay for valid email.. and spam.

As noted previously on this list, greylisting should not be the only  
spam check.

Bill

On Feb 3, 2009, at 4:32 PM, Mark Walker wrote:

> I've been requested by some people to have milter greylist  
> automatically
> add address book names to its whitelist.  Since I don't have access to
> client address books on my server, I'm planning on scanning IMAP
> databases for addresses.  Any address that appears in a sent folder or
> in a receipt folder other than Junk for longer than a few days will  
> get
> added to a whitelist in greylist.conf.
>
> Is there an easier way to do this?
>
> Also, I currently don't use SPF whitelisting.  Maybe that will waylay
> the need for complex whitelisting. I want to use it, but haven't  
> gotten
> to updating yet.  I've read that it only has 10% to 20% adoption, so  
> it
> may not give me such a big benefit, other than being part of the  
> cause I
> guess.
>
> Thanks.
>
>
> ------------------------------------
>
> Yahoo! Groups Links
>
>
>

Hi,

> I've been requested by some people to have milter greylist 
> automatically add address book names to its whitelist.  Since I 
> don't have access to client address books on my server, I'm planning 
> on scanning IMAP databases for addresses.  Any address that appears 
> in a sent folder or in a receipt folder other than Junk for longer 
> than a few days will get added to a whitelist in greylist.conf.
> 
> Is there an easier way to do this?

The easiest way would be to allow recipients to have access to a web page and
add sender addresses themselves. The developer (Emmanuel) has a system in
place which does this already I believe, but it's based on custom scripts.

I do hope at some stage this year to build a web interface to milter-greylist,
the issue isn't getting it done (relatively easy) just finding the time I can
sit down and do it.

I've been thinking along these lines for some time now, to allow the web
interface to add/remove whitelist/blacklist entries by people with accounts,
but for this to work I'd need to have milter-greylist support "include"
statements in the main greylist.conf file so I could use something like:

include greylist.whitelist.conf
include greylist.blacklist.conf
include greylist.spf.conf
include greylist.rbl.conf
include greylist.country.conf
include greylist.greylist.conf

etc in it while allowing easy manipulation of the respective files. I think I
raised an "include" file system some time back when I started to think about
the web interface side of things, but without actually sitting down and
working on it there's no reason yet to ask for it.

> Also, I currently don't use SPF whitelisting.  Maybe that will 
> waylay the need for complex whitelisting. I want to use it, but 
> haven't gotten to updating yet.  I've read that it only has 10% to 
> 20% adoption, so it may not give me such a big benefit, other than 
> being part of the cause I guess.

I use the spf facility to reject messages at the MTA. Before using it so much
SPF:Fail trash would come through, after using it, rejects at the MTA meant no
more came through with Fails, and I've never had even one complaint about
rejecting that SPF:Fail'ed mail.

Regards,

Michael.

> Thanks.
> 
> ------------------------------------
> 
> Yahoo! Groups Links
> 
> 
>

I think SPF would become very important for address and domain based 
whitelisting.  For instance if people here whitelisted 
milter-greylist@yahoogroups.com, what's to stop a spammer from sending 
mail with that from address?  SPF would.  I suppose the rule would be 
that in order to whitelist widely known domains like yahoo.com and 
google.com, you'd want to insist on SPF.


Bill Levering wrote:

> JMHO, but I enabled spf about 2 months ago, and it appears that a much 
> higher percentage of spammers are using SPF now.
>
> Yes, it alleviates the delay for valid email.. and spam.
>

If I had my wish for a hook into mgl, I'd want some sort of "callback" 
where I can implement a server to answer questions about whitelisting or 
denial.  I guess it would be a sort of mini-milter inside mgl, but I 
find the milter spec very difficult to implement.  Some very simple 
protocol like:

mgl: from=myname@...;host=xxxxx;etc
server: reject or delay or dontdelay etc.

That way you could make a server that doesn't add to the complexity of 
mgl, but can make it much more versatile.

Just my thoughts.

Thanks.


Michael Mansour wrote:

>
> Hi,
>
> > I've been requested by some people to have milter greylist
> > automatically add address book names to its whitelist. Since I
> > don't have access to client address books on my server, I'm planning
> > on scanning IMAP databases for addresses. Any address that appears
> > in a sent folder or in a receipt folder other than Junk for longer
> > than a few days will get added to a whitelist in greylist.conf.
> >
> > Is there an easier way to do this?
>
> The easiest way would be to allow recipients to have access to a web 
> page and
> add sender addresses themselves. The developer (Emmanuel) has a system in
> place which does this already I believe, but it's based on custom scripts.
>
> I do hope at some stage this year to build a web interface to 
> milter-greylist,
> the issue isn't getting it done (relatively easy) just finding the 
> time I can
> sit down and do it.
>
> I've been thinking along these lines for some time now, to allow the web
> interface to add/remove whitelist/blacklist entries by people with 
> accounts,
> but for this to work I'd need to have milter-greylist support "include"
> statements in the main greylist.conf file so I could use something like:
>
> include greylist.whitelist.conf
> include greylist.blacklist.conf
> include greylist.spf.conf
> include greylist.rbl.conf
> include greylist.country.conf
> include greylist.greylist.conf
>
> etc in it while allowing easy manipulation of the respective files. I 
> think I
> raised an "include" file system some time back when I started to think 
> about
> the web interface side of things, but without actually sitting down and
> working on it there's no reason yet to ask for it.
>
> > Also, I currently don't use SPF whitelisting. Maybe that will
> > waylay the need for complex whitelisting. I want to use it, but
> > haven't gotten to updating yet. I've read that it only has 10% to
> > 20% adoption, so it may not give me such a big benefit, other than
> > being part of the cause I guess.
>
> I use the spf facility to reject messages at the MTA. Before using it 
> so much
> SPF:Fail trash would come through, after using it, rejects at the MTA 
> meant no
> more came through with Fails, and I've never had even one complaint about
> rejecting that SPF:Fail'ed mail.
>
> Regards,
>
> Michael.
>
> > Thanks.
> >
> > ------------------------------------
> >
> > Yahoo! Groups Links
> >
> >
> >
>
>

On Tue, 3 Feb 2009, Mark Walker wrote:

Might I suggest doing something on the "outbound" or SMTP-authenticated 
mail, similar to anthony howe's milter-abook, that just gathers addresses 
of "known" email contacts?

Given this doesn't give you access to historical data (which might be what 
the original poster wanted), but over time it could provide a much more 
useful corpus and as a bonus it works regardless of what addressbook 
storage methods your clients are using, so long as they're sending via 
smtp.

-Dan


> 
> If I had my wish for a hook into mgl, I'd want some sort of "callback"
> where I can implement a server to answer questions about whitelisting or
> denial. I guess it would be a sort of mini-milter inside mgl, but I
> find the milter spec very difficult to implement. Some very simple
> protocol like:
> 
> mgl: from=myname@...;host=xxxxx;etc
> server: reject or delay or dontdelay etc.
> 
> That way you could make a server that doesn't add to the complexity of
> mgl, but can make it much more versatile.
> 
> Just my thoughts.
> 
> Thanks.
> 
> Michael Mansour wrote:
> >
> > Hi,
> >
> > > I've been requested by some people to have milter greylist
> > > automatically add address book names to its whitelist. Since I
> > > don't have access to client address books on my server, I'm planning
> > > on scanning IMAP databases for addresses. Any address that appears
> > > in a sent folder or in a receipt folder other than Junk for longer
> > > than a few days will get added to a whitelist in greylist.conf.
> > >
> > > Is there an easier way to do this?
> >
> > The easiest way would be to allow recipients to have access to a web
> > page and
> > add sender addresses themselves. The developer (Emmanuel) has a system in
> > place which does this already I believe, but it's based on custom scripts.
> >
> > I do hope at some stage this year to build a web interface to
> > milter-greylist,
> > the issue isn't getting it done (relatively easy) just finding the
> > time I can
> > sit down and do it.
> >
> > I've been thinking along these lines for some time now, to allow the web
> > interface to add/remove whitelist/blacklist entries by people with
> > accounts,
> > but for this to work I'd need to have milter-greylist support "include"
> > statements in the main greylist.conf file so I could use something like:
> >
> > include greylist.whitelist.conf
> > include greylist.blacklist.conf
> > include greylist.spf.conf
> > include greylist.rbl.conf
> > include greylist.country.conf
> > include greylist.greylist.conf
> >
> > etc in it while allowing easy manipulation of the respective files. I
> > think I
> > raised an "include" file system some time back when I started to think
> > about
> > the web interface side of things, but without actually sitting down and
> > working on it there's no reason yet to ask for it.
> >
> > > Also, I currently don't use SPF whitelisting. Maybe that will
> > > waylay the need for complex whitelisting. I want to use it, but
> > > haven't gotten to updating yet. I've read that it only has 10% to
> > > 20% adoption, so it may not give me such a big benefit, other than
> > > being part of the cause I guess.
> >
> > I use the spf facility to reject messages at the MTA. Before using it
> > so much
> > SPF:Fail trash would come through, after using it, rejects at the MTA
> > meant no
> > more came through with Fails, and I've never had even one complaint about
> > rejecting that SPF:Fail'ed mail.
> >
> > Regards,
> >
> > Michael.
> >
> > > Thanks.
> > >
> > > ------------------------------------
> > >
> > > Yahoo! Groups Links
> > >
> > >
> > >
> >
> >
> 
> 
>

-- 

"It would be bad."

-Egon Spengler, "Ghostbusters"

--------Dan Mahoney--------
Techie,  Sysadmin,  WebGeek
Gushi on efnet/undernet IRC
ICQ: 13735144   AIM: LarpGM
Site:  http://www.gushi.org
---------------------------

Bill Levering <idbill@...> wrote:

> JMHO, but I enabled spf about 2 months ago, and it appears that a much
> higher percentage of spammers are using SPF now.

We have a nice feature for catching wide-open SPF record:
        racl blacklist spf self
will reject message if your own IP is in the SPF range for the domain of
the message sender. 

Apart from that, I think SPF can be useful to whitelist yahoo's mail
farms and other big providers, but should not be used blindly. In fact
it woud be nice to have a DNS reverse white list of legitimate SPF
enabled domains.

-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu@...

Mark Walker <furface@...> wrote:

> If I had my wish for a hook into mgl, I'd want some sort of "callback"
> where I can implement a server to answer questions about whitelisting or
> denial.  I guess it would be a sort of mini-milter inside mgl, but I 
> find the milter spec very difficult to implement.  Some very simple 
> protocol like:
> 
> mgl: from=myname@...;host=xxxxx;etc
> server: reject or delay or dontdelay etc.

The inter MX sync protocol could be easily enhanced to do that. Are you
willing to work on it?

-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu@...

Michael Mansour <mic@...> wrote:

> I do hope at some stage this year to build a web interface to milter-greylist,

I had such a beast working for years, now.

My milter-greylist setup fetches per-user settings from a LDAP
directory, and I have a web app for users to alter various custom filter
and their personnal whitelist/greylist. 

The reason why I did not publish the web app is that I am not a web
developper. The code is ugly and bloated with site-specific stuff. 

Side note: sendmail uses LDAP for mail routing, and I have GNARWL for
auto-responder, which also use LDAP. Therefore the web app also allows
altering mail redirections and vacation messages. This is .forward
available for the masses :-)

-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu@...

Sure, I'd love to.  I'm not sure what the inter MX sync protocol is, but 
I'm definitely looking into it.  I need to get the latest source working 
and then I'll probably have some questions.  If you could give me a hint 
about where to look to inject the code, that would be great.

Thanks.


manu@... wrote:

>
> Mark Walker <furface@... <mailto:furface%40omnicode.com>> wrote:
>
> > If I had my wish for a hook into mgl, I'd want some sort of "callback"
> > where I can implement a server to answer questions about whitelisting or
> > denial. I guess it would be a sort of mini-milter inside mgl, but I
> > find the milter spec very difficult to implement. Some very simple
> > protocol like:
> >
> > mgl: from=myname@... 
> <mailto:from%3Dmyname%40myaddress.com>;host=xxxxx;etc
> > server: reject or delay or dontdelay etc.
>
> The inter MX sync protocol could be easily enhanced to do that. Are you
> willing to work on it?
>
> -- 
> Emmanuel Dreyfus
> http://hcpnet.free.fr/pubz <http://hcpnet.free.fr/pubz>
> manu@... <mailto:manu%40netbsd.org>
>
>

Mark Walker <furface@...> wrote:

> Sure, I'd love to.  I'm not sure what the inter MX sync protocol is, but
> I'm definitely looking into it.  I need to get the latest source working
> and then I'll probably have some questions.  If you could give me a hint
> about where to look to inject the code, that would be great.

Look at sync.c:sync_server()
You want to add a command here. 

Note that your work is likely to conflict with reschauzier's one.

-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu@...

I don't want to conflict with anybody.  I'll take a look at sync.c and 
see what I can do, and post some code.  If it conflicts or is redundant, 
it's no big deal, we can deal with it , or else I'll have just spent 
some time learning some new techniques.

Thanks.


manu@... wrote:

>
> Mark Walker <furface@... <mailto:furface%40omnicode.com>> wrote:
>
> > Sure, I'd love to. I'm not sure what the inter MX sync protocol is, but
> > I'm definitely looking into it. I need to get the latest source working
> > and then I'll probably have some questions. If you could give me a hint
> > about where to look to inject the code, that would be great.
>
> Look at sync.c:sync_server()
> You want to add a command here.
>
> Note that your work is likely to conflict with reschauzier's one.
>
> -- 
> Emmanuel Dreyfus
> http://hcpnet.free.fr/pubz <http://hcpnet.free.fr/pubz>
> manu@... <mailto:manu%40netbsd.org>
>
>

Or else maybe I misunderstood what you were saying.  That we would be 
working on the same code base at the same time on different things?  
That's fine too.  I'll look at what Reschauzier is doing and make sure I 
sync up.

Thanks.


Mark Walker wrote:

>
> I don't want to conflict with anybody. I'll take a look at sync.c and
> see what I can do, and post some code. If it conflicts or is redundant,
> it's no big deal, we can deal with it , or else I'll have just spent
> some time learning some new techniques.
>
> Thanks.
>
> manu@... <mailto:manu%40netbsd.org> wrote:
> >
> > Mark Walker <furface@... <mailto:furface%40omnicode.com> 
> <mailto:furface%40omnicode.com>> wrote:
> >
> > > Sure, I'd love to. I'm not sure what the inter MX sync protocol 
> is, but
> > > I'm definitely looking into it. I need to get the latest source 
> working
> > > and then I'll probably have some questions. If you could give me a 
> hint
> > > about where to look to inject the code, that would be great.
> >
> > Look at sync.c:sync_server()
> > You want to add a command here.
> >
> > Note that your work is likely to conflict with reschauzier's one.
> >
> > --
> > Emmanuel Dreyfus
> > http://hcpnet.free.fr/pubz <http://hcpnet.free.fr/pubz> 
> <http://hcpnet.free.fr/pubz <http://hcpnet.free.fr/pubz>>
> > manu@... <mailto:manu%40netbsd.org> <mailto:manu%40netbsd.org>
> >
> >
>
>

Mark Walker <furface@...> wrote:

> Or else maybe I misunderstood what you were saying.  That we would be
> working on the same code base at the same time on different things?  
> That's fine too.  I'll look at what Reschauzier is doing and make sure I
> sync up.

Exactly: Reschauzier is merging white and greylist. But your change will
be smaller and likely to be less intrusive, so it would make sense to
check it in first.

-- 
Emmanuel Dreyfus
http://hcpnet.free.fr/pubz
manu@...