Yahoo Groups archive
Thread
2011-08-08 by lists-yahoogroups@localguru.de
Hi, I'd like "reduce" milter-greylist to one function: do URL lookups (checking the recipient through a webservice) and reject (not greylist) emails with a "554 5.7.1" code if the answer of the lookup is not "milterGreylistStatus: Ok". It's a kind of call forward/ahead against an internel webbased service and not against a smtp server like "md_check_against_smtp_server" function in mimedefang. Thanks Marcus
2011-08-08 by manu@netbsd.org
lists-yahoogroups@... <lists-yahoogroups@...> wrote: > I'd like "reduce" milter-greylist to one function: do URL lookups > (checking the recipient through a webservice) > and reject (not greylist) emails with a "554 5.7.1" code if the answer of > the lookup is not "milterGreylistStatus: Ok". It's a kind of call > forward/ahead against an internel webbased service and not against a smtp > server like "md_check_against_smtp_server" function in mimedefang. milter-greylist can do that, but what is your question? -- Emmanuel Dreyfus http://hcpnet.free.fr/pubz manu@...
2011-08-08 by lists-yahoogroups@localguru.de
Hi Emmanuel, On Mon, 8 Aug 2011 04:40:52 +0200, manu@... wrote: > lists-yahoogroups@... <lists-yahoogroups@...> wrote: > >> I'd like "reduce" milter-greylist to one function: do URL lookups >> (checking the recipient through a webservice) >> and reject (not greylist) emails with a "554 5.7.1" code if the answer of >> the lookup is not "milterGreylistStatus: Ok". It's a kind of call >> forward/ahead against an internel webbased service and not against a smtp >> server like "md_check_against_smtp_server" function in mimedefang. > > milter-greylist can do that, but what is your question? I'm not sure about the config, especially the ACL. Could you give me an example. My idea is something like this urlcheck "myfilter" "http://domain/check.cgi?rcpt=%r" # put invalid recps to an blacklist acl blacklist urlcheck "myfilter" # whitelist for valid recps acl whitelist default And what should the check.cgi give back in case of invalid recipient? milterGreylistStatus: Ok milterGreylistCode: 554 milterGreylistECode: 5.7.1 milterGreylistMsg: unknown user And what in case of an valid recipient: milterGreylistStatus: Ok milterGreylistCode: 250 milterGreylistECode: 2.1.5 milterGreylistMsg: Recipient ok And is caching for previously checked recipients possible (valid and invalid) for about 1 hour? Cheers Marcus
2011-08-08 by manu@netbsd.org
lists-yahoogroups@... <lists-yahoogroups@...> wrote: > urlcheck "myfilter" "http://domain/check.cgi?rcpt=%r" > # put invalid recps to an blacklist > acl blacklist urlcheck "myfilter" > # whitelist for valid recps > acl whitelist default > > And what should the check.cgi give back in case of invalid recipient? > > milterGreylistStatus: Ok > milterGreylistCode: 554 > milterGreylistECode: 5.7.1 > milterGreylistMsg: unknown user > > And what in case of an valid recipient: > > milterGreylistStatus: Ok > milterGreylistCode: 250 > milterGreylistECode: 2.1.5 > milterGreylistMsg: Recipient ok That seems good. Did you give it a try? The thing remain a rough hack, but if I remeber correctly, the result of the urlcheck clause override the action (balcklist or greylist), so it does not matter if this is acl whitelist or acl greylist. One day we will have to invent a better syntax. > And is caching for previously checked recipients possible (valid and > invalid) for about 1 hour? No, this is not possible with the current code. But your webservice can cache. -- Emmanuel Dreyfus http://hcpnet.free.fr/pubz manu@...
2011-08-08 by lists-yahoogroups@localguru.de
On Mon, 8 Aug 2011 05:31:02 +0200, manu@... wrote: > lists-yahoogroups@... <lists-yahoogroups@...> wrote: > >> urlcheck "myfilter" "http://domain/check.cgi?rcpt=%r" >> # put invalid recps to an blacklist >> acl blacklist urlcheck "myfilter" >> # whitelist for valid recps >> acl whitelist default >> >> And what should the check.cgi give back in case of invalid recipient? >> >> milterGreylistStatus: Ok >> milterGreylistCode: 554 >> milterGreylistECode: 5.7.1 >> milterGreylistMsg: unknown user >> >> And what in case of an valid recipient: >> >> milterGreylistStatus: Ok >> milterGreylistCode: 250 >> milterGreylistECode: 2.1.5 >> milterGreylistMsg: Recipient ok > > That seems good. Did you give it a try? No, not yet. I don't want to change to config of my milter-greylist on the live machine. I will setup a test version tomorrow. > The thing remain a rough hack, > but if I remeber correctly, the result of the urlcheck clause override > the action (balcklist or greylist), so it does not matter if this is acl > whitelist or acl greylist. Do I need the last line "acl whitelist default" or just these two lines: urlcheck "myfilter" "http://domain/check.cgi?rcpt=%r" acl blacklist urlcheck "myfilter" > One day we will have to invent a better syntax. Okay, no problem. Even though it's a very nice feature. I'm using milter-greylist for two years now and I'm very happy with it. Cheers Marcus
2011-08-08 by manu@netbsd.org
lists-yahoogroups@... <lists-yahoogroups@...> wrote: > Do I need the last line "acl whitelist default" or just these two lines: > > urlcheck "myfilter" "http://domain/check.cgi?rcpt=%r" > acl blacklist urlcheck "myfilter" If you do not include a fallback rule, it defaults to whitelist or blacklist, I do not remeber which one, but it is explained in the man page. > > One day we will have to invent a better syntax. > > Okay, no problem. Even though it's a very nice feature. I'm using > milter-greylist for two years now and I'm very happy with it. Yes... This morning I was reading on Slashdot that maintaining a mail server was a hard thing that would turn anyone into a no-life zombie. Another day I heard that 3 engineers were required to maintain a mail system for a few thousands users. Both assertions seems nonsense to me. Obviously some tools are better than others to manage the thing. http://ask.slashdot.org/story/11/08/07/1533224/Ask-Slashdot-Self-Hosted- Gmail-Alternatives -- Emmanuel Dreyfus http://hcpnet.free.fr/pubz manu@...
2011-08-11 by lists-yahoogroups@localguru.de
On Mon, 8 Aug 2011 13:48:22 +0200, manu@... wrote: > lists-yahoogroups@... <lists-yahoogroups@...> wrote: > >> Do I need the last line "acl whitelist default" or just these two lines: >> >> urlcheck "myfilter" "http://domain/check.cgi?rcpt=%r" >> acl blacklist urlcheck "myfilter" > > If you do not include a fallback rule, it defaults to whitelist or > blacklist, I do not remeber which one, but it is explained in the man > page. > >> > One day we will have to invent a better syntax. >> >> Okay, no problem. Even though it's a very nice feature. I'm using >> milter-greylist for two years now and I'm very happy with it. > > Yes... This morning I was reading on Slashdot that maintaining a mail > server was a hard thing that would turn anyone into a no-life zombie. > Another day I heard that 3 engineers were required to maintain a mail > system for a few thousands users. Both assertions seems nonsense to me. > Obviously some tools are better than others to manage the thing. > > http://ask.slashdot.org/story/11/08/07/1533224/Ask-Slashdot-Self-Hosted- > Gmail-Alternatives Too sad, CURL support is not compiled in Ubuntu LTS Checking config: CURL support not compiled in, ignore line ... CURL support not compiled in, ignore line ... failed. Quitting with error, no action taken. Will try to build a custom package. Ciao!