Yahoo Groups archive
Thread
2004-11-09 by Joseph Burford
Hi all, Just an FYI I added 216.33.244.0/24 to local whitelisting. It's another ebay range, they just keep trying every 20 seconds and give up before the greylisting timeout expires. Is anyone interested in sharing trusted/whitlisted ranges? Feel free to email me on or off list, I'm thinking of implementing a database of some sort at some stage. Regards, Joseph
2004-11-09 by manu@netbsd.org
Joseph Burford <joseph@...> wrote: > Just an FYI I added 216.33.244.0/24 to local whitelisting. > > It's another ebay range, they just keep trying every 20 seconds and give > up before the greylisting timeout expires. > > Is anyone interested in sharing trusted/whitlisted ranges? Feel free to > email me on or off list, I'm thinking of implementing a database of some > sort at some stage. I'll add it to the default config file. -- Emmanuel Dreyfus Il y a 10 sortes de personnes dans le monde: ceux qui comprennent le binaire et ceux qui ne le comprennent pas. manu@...
2004-11-09 by Matthias Scheler
On Tue, Nov 09, 2004 at 04:41:28PM +1030, Joseph Burford wrote: > It's another ebay range, they just keep trying every 20 seconds and give > up before the greylisting timeout expires. 1.) "domain ebay.com" works fine for me. 2.) "ebay.com" contains SPF Records now. Kind regards -- Matthias Scheler http://scheler.de/~matthias/
2004-11-09 by Enrico Scholz
tron@... (Matthias Scheler) writes: > 2.) "ebay.com" contains SPF Records now. 1. libspf is unstable and I would not use it on productive systems (I never tried libspf_alt). 2. there are rumors that more SPF records are used by spammers than by "regular" mailers. So, SPF would be a bad criteria for greylisting IMO. Enrico
2004-11-09 by Emmanuel Dreyfus
On Tue, Nov 09, 2004 at 12:46:43PM +0100, Enrico Scholz wrote: > > 2.) "ebay.com" contains SPF Records now. > > 1. libspf is unstable and I would not use it on productive systems (I > never tried libspf_alt). lippf_alt works fine for me. Beside potential problems with libspf, the key point is to link with a thread safe resolver. libspf and libspf_alt make DNS querries within milter-greylist, and milter-greylist is a threaded program. If the resolver is not thread safe, you crash at the first time two thread make a DNS query at the same time. > 2. there are rumors that more SPF records are used by spammers than by > "regular" mailers. So, SPF would be a bad criteria for greylisting > IMO. I don't agree. Spammers operating from fixed network just deserve an entry in your blacklist. SPF doesn't change anything to that. -- Emmanuel Dreyfus manu@...
2004-11-09 by Enrico Scholz
manu@... (Emmanuel Dreyfus) writes: >> 1. libspf is unstable and I would not use it on productive systems (I >> never tried libspf_alt). > > lippf_alt works fine for me. Beside potential problems with libspf, There are not only potential problems with libspf but existing ones: | $ spfqtool -s user-support5@... -i 84.97.1.113 | You didn't give me a helo host, using (nobody) | Segmentation fault This is caused by code like: | rr_data = malloc(...); | ... no initialization of 'rr_data' ... | strncat(rr_data, ...); at several places. Really nothing, which I would use somewhere in the near of a productive system. >> 2. there are rumors that more SPF records are used by spammers than by >> "regular" mailers. So, SPF would be a bad criteria for greylisting >> IMO. > > I don't agree. Spammers operating from fixed network just deserve an > entry in your blacklist. SPF doesn't change anything to that. A domain + TXT entry are much easier/cheaper to get than a fixed IP. Enrico
2004-11-09 by iewebguy
--- In milter-greylist@yahoogroups.com, Emmanuel Dreyfus <manu@n...> wrote: > key point is to link with a thread safe resolver. libspf and libspf_alt > make DNS querries within milter-greylist, and milter-greylist is a > threaded program. If the resolver is not thread safe, you crash at the > first time two thread make a DNS query at the same time How can I tell if I have a thread-safe resolver? I am running a raq 550 (cobalt linux)
2004-11-09 by milter@free.fr
Quoting iewebguy <mark@...>: > > > --- In milter-greylist@yahoogroups.com, Emmanuel Dreyfus <manu@n...> > wrote: > > > key point is to link with a thread safe resolver. libspf and libspf_alt > > make DNS querries within milter-greylist, and milter-greylist is a > > threaded program. If the resolver is not thread safe, you crash at the > > first time two thread make a DNS query at the same time > > How can I tell if I have a thread-safe resolver? I am running a raq > 550 (cobalt linux) Try to find which glibc you have (rpm -qf /lib/libresolv.so may work) and check through the installed doc or online docs (not the manpages are most often with Linux it does not mention if a given function is MT safe)... Last way out will be checking the glibc code ... Libresolv in old versions of glibc was not thread-safe see http://cs-people.bu.edu/artdodge/linux/glibc/resolv/ Emmanuel, you might be interested in the following thread : http://tinyurl.com/3whpd Many Milters writers need to do DNS requests from their Milters ... Milter is low level and a higher level interface offering DNS requests, MIME decoding/altering would help a lot ... SL/ PS : http://www.nongnu.org/ruli/ looks nice but is GPL Licensed (some may say "infected" :-) ) SO I guess it cannot be used for avoiding libresolv use.
2004-11-09 by Cyril Guibourg
milter@... writes: > Milter is low level and a higher level interface offering DNS requests, > MIME decoding/altering would help a lot ... What does MIME have to do with this ? > PS : http://www.nongnu.org/ruli/ looks nice but is GPL Licensed (some > may say "infected" :-) ) SO I guess it cannot be used for avoiding > libresolv use. Why one should avoid using appropriate libbind/libresolv ? Just wanting to understand your statements.
2004-11-09 by manu@netbsd.org
iewebguy <mark@...> wrote: > > key point is to link with a thread safe resolver. libspf and libspf_alt > > make DNS querries within milter-greylist, and milter-greylist is a > > threaded program. If the resolver is not thread safe, you crash at the > > first time two thread make a DNS query at the same time > How can I tell if I have a thread-safe resolver? I am running a raq > 550 (cobalt linux) Link milter-greylist and run nm on it. If you have res_ *functions, you loose. If you have nres_*, you win. If your system does not has a thread-safe resolver, you can build libbind.a from BIND 9 sources, and link libspf_alt with libbind.a. That's what I do on NetBSD 1.6.2. -- Emmanuel Dreyfus Il y a 10 sortes de personnes dans le monde: ceux qui comprennent le binaire et ceux qui ne le comprennent pas. manu@...
2004-11-09 by manu@netbsd.org
<milter@...> wrote: > Emmanuel, you might be interested in the following thread : > http://tinyurl.com/3whpd > Many Milters writers need to do DNS requests from their Milters ... > Milter is low level and a higher level interface offering DNS requests, > MIME decoding/altering would help a lot ... The problem is that milter-greylist doesn't do any DNS request. libspf[2|_spf] could use it, not milter-greylist. -- Emmanuel Dreyfus Il y a 10 sortes de personnes dans le monde: ceux qui comprennent le binaire et ceux qui ne le comprennent pas. manu@...