Re: milter-greylist 1.4
2004-06-04 by Cyril Guibourg
... Je n ai pas beaucoup de temps libre (famille, boulot...) mais si je peux aider n hésite pas à me demander. Bon courage et merci pour ton soft d enfer
Messages
Browse messages
Page 142 of 144 · 7199 messages matched
Re: [milter-greylist] upcoming version 1.4
2004-06-03 by Cyril Guibourg
... No problem on FreeBSD 4.X and 5.X so far.
Re: [milter-greylist] Whitelisting
2004-06-03 by Emmanuel Dreyfus
... Consider whitelisting the netblock allocated to the sender s organisation: addr 192.0.2.0/24 sender address whitelisting is not a good thing, because
Whitelisting
2004-06-03 by Johnny Sletteland
Greetings, this is my first post here, so I guess a hello is in order. I have been using milter-greylist in production environments for a short time now, and
Re: [milter-greylist] Re: is this a DoS?
2004-06-03 by Dan Hollis
... I don t mean ram, but rather that the serial db lookups could end up taking a lot of cpu. On-disk database would alleviate both memory pressure and lookups
Re: [milter-greylist] Bug...
2004-06-02 by Matthias Scheler
... That s harmless. It just means that the greylist daemon couldn t read back an entry with an invalid e-mail address from the database file. Kind regards --
Re: [milter-greylist] Bug...
2004-06-02 by manu@netbsd.org
... What is the address? Is it valid? milter-greylist will store ill-formatted addresses in its database while running, and it will reject them on dump reload,
sender + recipient exception patch
2004-06-02 by Dan Hollis
This patch allows you to define sender+recipient exception pairs in greylist.conf. The syntax is the same as existing from clause, but you can put an
Bug...
2004-06-02 by Mason Loring Bliss
This is with version 1.2.2 on NetBSD 2.0 Beta. I haven t tried any other verisons. This happens if a grey-listed address in greylist.db has a backslash in it.
Re: [milter-greylist] peer - reply 200
2004-06-01 by manu@netbsd.org
... Sure there is, why do you think I bothered implementing that odd feature? Could you perform a tcpdump -s0 -X port 5252 during the sync attempt? That
Re: [milter-greylist] Re: is this a DoS?
2004-06-01 by manu@netbsd.org
... If you have such a big system, then you won t object throwing a few more GB of RAM to fix that problem :) -- Emmanuel Dreyfus Il y a 10 sortes de personnes
Re: [milter-greylist] Re: is this a DoS?
2004-06-01 by manu@netbsd.org
... Ok, since you really ask for it, let me rephrase: Add a config option in conf_lex.l and conf_yacc.y for this, change every occurence of a string of size
peer - reply 200
2004-06-01 by hans hm04
hi all i am running 2 mail-gateways on solaris 9 with milter-greylist 1.3.8 and tried to activate the peer statement, each with the others ip-address. in
Re: [milter-greylist] Re: is this a DoS?
2004-06-01 by Dan Hollis
... I wonder if this won t cause scalability problems in the future on very large systems (eg 10,000 s of users). Multiply by the unique senders and unique
Re: [milter-greylist] Re: is this a DoS?
2004-06-01 by Dan Hollis
... I think I said runtime? Yeah, I did :-) -Dan
Re: [milter-greylist] upcoming version 1.4
2004-06-01 by manu@netbsd.org
... Ok, I ll fix that. -- Emmanuel Dreyfus Il y a 10 sortes de personnes dans le monde: ceux qui comprennent le binaire et ceux qui ne le comprennent pas.
Re: [milter-greylist] Re: is this a DoS?
2004-06-01 by manu@netbsd.org
... There is no information in greylist.db that you couldn t find in maillog... -- Emmanuel Dreyfus Il y a 10 sortes de personnes dans le monde: ceux qui
Re: [milter-greylist] Re: is this a DoS?
2004-06-01 by manu@netbsd.org
... Change ADDRLEN in dump.h to the value you like and rebuild. -- Emmanuel Dreyfus Il y a 10 sortes de personnes dans le monde: ceux qui comprennent le
Re: [milter-greylist] Delayed for
2004-06-01 by manu@netbsd.org
... I m not sure I correctly understand what you mean in this sentence. Could you rephrase? ... Pick up the latest source and make a diff against it. --
Re: [milter-greylist] Re: is this a DoS?
2004-06-01 by manu@netbsd.org
... Keeping everything in memory makes sense since you walk the whole greylist on each new spam that gets in. ... The biggest issue is that you have no data
Re: [milter-greylist] Re: is this a DoS?
2004-06-01 by Enrico Scholz
... My P4 2.6 calculates the md5sum of 1GiB data in 5 seconds and the sha1sum ... For milter-greylist, we will calculate the checksum of 50-200 bytes of data
Re: [milter-greylist] Re: is this a DoS?
2004-06-01 by Dan Hollis
... sha1 isnt _that_ expensive. Figure about 4000 cycles for 64 bytes. This means on typical 1ghz cpu you can do 250,000 sha1/sec. ... sha1 is more resistant.
Re: [milter-greylist] Re: is this a DoS?
2004-06-01 by Dan Hollis
... The current situation is too short, I think i ve pointed that out already ... Is it possible to decide at runtime with a config option? Those with big
Re: [milter-greylist] Re: is this a DoS?
2004-06-01 by Jeff Wasilko
... I guess this is one tradeoff of using an on-disk db (like BDB) vs. trying to keep it in memory. As someone who s tried to do high-transaction rate stuff
Re: [milter-greylist] Re: is this a DoS?
2004-06-01 by Enrico Scholz
... securityfocus.com has bounce-addresses exceeding this; e.g. ... ( MYDOMAIN is 6 characters long in reality) ... This means, that 320 byte must be reserved
Re: [milter-greylist] upcoming version 1.4
2004-06-01 by Matthieu Herrb
... One small remaining problem: the milter-greylist-1.3.8 directory itself has a stange mode (740) that still prevents install over NFS. Other access rights
Re: [milter-greylist] Re: is this a DoS?
2004-06-01 by Emmanuel Dreyfus
... My setup has 256 MB, so yes, memory usage can be a problem for me :) ... I have no idea how costly is cryptographic hash computing. Are you sure it won t
Re: [milter-greylist] Re: is this a DoS?
2004-06-01 by Jeff Wasilko
... It would be best to refer to the RFCs here. RFC2821 says: 4.5.3.1 Size limits and minimums There are several objects that have required minimum/maximum
Re: [milter-greylist] Re: is this a DoS?
2004-06-01 by Emmanuel Dreyfus
... In fact, the fix to the original problem is trivial: I just have to give except_rcpt_filter() and except_sender_filter() the pointer to the original
Re: [milter-greylist] Re: is this a DoS?
2004-06-01 by Enrico Scholz
... Longest FROM addresses are around 90 characters (maillist bounce-addresses) here. So 128 seems to be a good value. ... * Is this really a problem with
upcoming version 1.4
2004-06-01 by Emmanuel Dreyfus
... I d like to issue a 1.4 release. Can you please check that 1.3.8 builds and runs without a hitch on your platform of choice? If no new problem is
Re: [milter-greylist] Re: is this a DoS?
2004-06-01 by Cyril Guibourg
... Why should I try to match it against a regex ? It would be already in the list of greyed addresses because the match test did occur before. Something
milter-greylist-1.3.8
2004-06-01 by Emmanuel Dreyfus
Hi milter-greylist-1.3.8 is just a build warning fix. -- Emmanuel Dreyfus manu@netbsd.org
Re: [milter-greylist] Re: is this a DoS?
2004-06-01 by Emmanuel Dreyfus
... You didn t understand the problem of MD5 and regex I send amail, rcpt It gets through a MD5 hash: ad71c6bc1d51a4be31aaddd7ce5c7ac3
Re: [milter-greylist] Re: is this a DoS?
2004-06-01 by Emmanuel Dreyfus
... Okay, but to what value should we raise the limit? You ll laways fid some ill-configured software that sends long addreses. ... That problem is already
Re: [milter-greylist] Re: is this a DoS?
2004-06-01 by Cyril Guibourg
... If you store it in ascii. -- ^x^i ~/.signature
Re: [milter-greylist] Re: is this a DoS?
2004-06-01 by Cyril Guibourg
... I thought about MD5 when storing adresses that do not match the regex. Once the test is done, storing the hash instead of the full adress itself would save
Re: [milter-greylist] Re: is this a DoS?
2004-06-01 by Cyril Guibourg
... I wasn t speaking about the regex but the [non]matching address. If memory consumption is a problem, you can store in the db md5 hashes of addresses that
Re: [milter-greylist] Re: is this a DoS?
2004-06-01 by Matthieu Herrb
... The MD5 doesn t help if you want to do regex matching, but I m not sure if there are cases were you need to match an address in the database against a
Re: [milter-greylist] Re: is this a DoS?
2004-06-01 by Emmanuel Dreyfus
... And how do you match a regex on a hashed address? -- Emmanuel Dreyfus manu@netbsd.org
Delayed for
2004-06-01 by Alexandre CHERIF
Hi, i think it will be good idea to syslog a message for delayed time like the X-Header. there is one message for not delayed by but to for the delayed.
Re: [milter-greylist] Re: is this a DoS?
2004-06-01 by Cyril Guibourg
... What about storing an MD5 hash instead of the address ? The drawback I see is that there would be no way to easily interpret the dump db but after all,
Re: [milter-greylist] Re: is this a DoS?
2004-06-01 by Emmanuel Dreyfus
On Tue, Jun 01, 2004 at 01:58:05PM -0000, enscensc wrote: [e-mail addresses are truncated to 32 chars] ... Hum, that s a real problem. I see several way of
Re: is this a DoS?
2004-06-01 by enscensc
... It triggers a problem when using regexp s in the configuration file. E.g. ... ^ would *never* be matched as no tested rcpt will have the characters after
milter-greylist-1.3.7 released
2004-05-31 by manu@netbsd.org
... Ok, so it s now in milter-greylist-1.3.7 This release only fixes the SIGSEGV problem on config reload. -- Emmanuel Dreyfus Il y a 10 sortes de personnes
Re: [milter-greylist] SIGSEGV problem on config reload: patch to test
2004-05-31 by Cyril Guibourg
... Tested on both 1.3.6 & 1.2.2: works like a charm under FreeBSD 4.10. It should be ok for 5.X too. Thanks a lot !
Re: [milter-greylist] Config reload SIGSEGV in the spotlight
2004-05-31 by manu@netbsd.org
... Yes, the stack grows up to the same size, but NetBSD s pthreads implementation seems to have a greater default stack limit, so it does not screw up. --
Re: [milter-greylist] Config reload SIGSEGV in the spotlight
2004-05-31 by Cyril Guibourg
... Do you experience the same stack grow under Net ? ... No, fore sure.
SIGSEGV problem on config reload: patch to test
2004-05-31 by manu@netbsd.org
Hi everyone Here is a patch for milter-greylist-1.3.6 that spawns a new thread, requesting enough stack for reloading the config file. This should fix the
Re: [milter-greylist] Config reload SIGSEGV in the spotlight
2004-05-29 by Cyril Guibourg
... This is the consequence of trying several things without any though... ... And of course, using THREAD_STACK_SIZE define in milter-greylist doesn t change