Milter-greylist

On Tue, Jun 01, 2004 at 04:48:07PM +0200, Matthieu Herrb wrote:
> I'd raise the limit, and change the database format to use a single 
> white space character as separator, so that it remains of a reasonable 
> size on disk.

Okay, but to what value should we raise the limit?
You'll laways fid some ill-configured software that sends long addreses.

> This means that the adress needs to be encoded in quoted-printable or 
> such in the case it contains some white-space (or these incorrect 
> addresses could be filtered out by rejecting the message entierly).

That problem is already handled: whitespaces are replaced by underscores
before storage and comparisons.

> Anyways, a limit is needed (even if computing a MD5 hash) to protect 
> milter-greylist from DoS attack by arbitrary large addresses. But here 
> too addresses over the limit can be simply rejected instead of inserted 
> in the grey list.

That will generate false positives...


-- 
Emmanuel Dreyfus
manu@...