I've started using SQLgrey 1.6.7 recently and it
tremendously reduced the amount of spam that gets
through to Spamassassin, which is my second line of
defence. I came up with an idea of checking the MXes
for the sender's domain and comparing them to the client's IP
address. Of course it does not have to be the same, but
I believe that in the vast majority of cases the legitimate
server sending mail for the domain would be at least in
the same class C subnet as one of the MXes. If the IP
matched, the e-mail could be accepted without
greylisting. SPF could be checked, too. Otherwise it
would fall back to the standard greylisting behaviour.
I guess it could eliminate to some extent delays of
e-mail from unverified senders in case they seem to be
legitimate.
What do you reckon? I think I could implement it, if
you find it useful. I'll probably do so anyway, just
for my own use...
Logged In: YES
user_id=89899
Originator: NO
This would slow SQLgrey by making long DNS requests which would block all processing...
Logged In: YES
user_id=524482
Originator: YES
I actually implemented it but it sucked because as you say it generated timeouts between Postfix and sqlgrey. Then I realized that sqlgrey's Net::Server::Multiplex processing model was not really suitable for that - it would need Net::Server::Fork or Net::Server::Prefork to work decently. I've somehow found no time since then to completely change the processing model of sqlgrey, though I still intend to do it one day.
I disagree with you that all this feature would do is slow down sqlgrey. DNS checks are anyway performed by amavis and even Postfix (at the very least reverse check on client's IP is performed). Incorporating SPF checks into sqlgrey would make it accept more legitimate mail in the first place, without any unnecessary delays. The only problem I can see is that sqlgrey's request processing model (one-by-one in a loop) is somewhat inopportune.
I'd love to see SPF added to reduce delays! We love greylisting, but the delays suck when there is known information that could eliminate it. Thanks!
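The MX-subnet check proposed in the first post, combined with the lookup-timeout concern raised in the replies, as an added example that is not part of the thread and is not SQLgrey code (SQLgrey is Perl; this sketch is Python). The names `same_subnet`, `decide`, `fake_resolver`, the `deadline` parameter and the sample addresses are assumptions made for illustration; the resolver is injected so the block runs without DNS.

```python
import ipaddress
import time
from concurrent.futures import ThreadPoolExecutor

# Lookups run in a pool so the policy loop waits only up to a deadline.
# A timed-out lookup still occupies its worker until the resolver returns.
_POOL = ThreadPoolExecutor(max_workers=8)


def same_subnet(client_ip, mx_ip, v4_prefix=24):
    """True if both IPv4 addresses share a /24 (the "class C" of the post)."""
    client = ipaddress.ip_address(client_ip)
    mx = ipaddress.ip_address(mx_ip)
    if client.version != 4 or mx.version != 4:
        return client == mx  # assumption: IPv6 needs an exact match
    return client in ipaddress.ip_network(f"{mx}/{v4_prefix}", strict=False)


def decide(client_ip, sender_domain, resolve_mx_ips, deadline=0.5):
    """Return "accept" if the client is in the same subnet as an MX of the
    sender's domain, else "greylist". Lookup errors, bad addresses and
    timeouts all fall back to "greylist"."""
    future = _POOL.submit(resolve_mx_ips, sender_domain)
    try:
        mx_ips = future.result(timeout=deadline)
        if any(same_subnet(client_ip, mx) for mx in mx_ips):
            return "accept"
    except Exception:  # includes the pool's timeout error
        pass
    return "greylist"


# Constructed sample data (documentation address ranges) standing in for DNS.
SAMPLE_MX = {"example.org": ["192.0.2.10", "198.51.100.25"]}


def fake_resolver(domain):
    if domain == "slow.example":
        time.sleep(0.3)  # simulates a DNS server that answers too late
        return ["203.0.113.5"]
    return SAMPLE_MX[domain]  # KeyError stands in for a failed lookup


if __name__ == "__main__":
    for ip, dom in [("192.0.2.77", "example.org"),
                    ("203.0.113.9", "example.org"),
                    ("203.0.113.9", "slow.example")]:
        print(ip, dom, decide(ip, dom, fake_resolver, deadline=0.1))
```

The envelope sender domain is supplied by the connecting client, so a match shows only that the client sits near an MX of whatever domain it claimed.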