From: Lionel B. <lio...@bo...> - 2005-06-09 11:30:38
Michel Bouissou wrote:

> On Wednesday 08 June 2005 19:26, Lionel Bouton wrote:
>
>> Unless a new function we are discussing on the mailing-list is proven useful
>> to me shortly, I'm planning to release a 1.6.0 stable version based on
>> 1.5.9.
>
> After some thoughts, I have a couple more things in favor of "throttling":
>
> 1/ The supplementary SELECT count(*) we perform against the connect table
> before deciding if we will accept or not to add a new entry, which is of some
> performance concern to you, is to some extent compensated by the fact that we
> save an INSERT each time we refuse an entry -- and that makes also a DELETE
> that we save at some point in the future for cleanup.
>
> 2/ Throttling can to some extent be considered as "self-dynamic-blacklisting",
> which looks nice: I see some patterns by looking at my logs, showing that
> the same spam sources (Zombie machines used as SMTP relays? Viruses /
> worms?) tend to come back again and again randomly in time, with different
> payloads (sender / recipient). If we use throttling, once they've filled up
> their not-retried "quota" in connect, when they come back again, their new
> connection is refused without generating any new entry in connect, which in
> turn reduces the chances that they could possibly defeat the greylisting
> system by trying to resend (at random) a message with a sender/recipient
> couple already known to the connect table.

Ok. Now I'm convinced we should test it. But 1.4.8 is pretty old now and
1.5.x is quite stable since 1.5.7 so I would like to issue a stable
1.6.0 release shortly.

Would it be OK if I release a 1.6.0 without the tarpitting and connect
cleanup code and a 1.7.0 with it?

Lionel.
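The throttling check discussed in the quoted message, sketched as an added example that is not part of the original e-mail or the project's code. Only the table name `connect` comes from the thread; the column names, the `QUOTA` and `DELAY` values and the function names are assumptions, and the whitelisting that normally follows a valid retry is left out.

```python
import sqlite3

QUOTA = 3    # assumed cap on not-yet-retried entries per source
DELAY = 300  # assumed greylisting delay in seconds

def open_db():
    # Only the table name "connect" is from the message; columns are assumed.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE connect (src TEXT, sender TEXT, rcpt TEXT,"
               " first_seen INTEGER)")
    return db

def pending(db, src):
    # The "supplementary SELECT count(*)": entries still awaiting a retry.
    return db.execute("SELECT count(*) FROM connect WHERE src = ?",
                      (src,)).fetchone()[0]

def handle(db, src, sender, rcpt, now):
    """Decide one delivery attempt: 'accept', 'defer' or 'throttled'."""
    key = (src, sender, rcpt)
    row = db.execute("SELECT first_seen FROM connect WHERE src = ? AND"
                     " sender = ? AND rcpt = ?", key).fetchone()
    if row is not None:
        if now - row[0] < DELAY:
            return "defer"            # retried too early
        # Valid retry: the entry leaves connect (whitelisting omitted here).
        db.execute("DELETE FROM connect WHERE src = ? AND sender = ? AND"
                   " rcpt = ?", key)
        return "accept"
    if pending(db, src) >= QUOTA:
        # Quota full: refuse without an INSERT, so no cleanup DELETE later
        # and no new triplet that a random resend could match.
        return "throttled"
    db.execute("INSERT INTO connect VALUES (?, ?, ?, ?)", key + (now,))
    return "defer"

if __name__ == "__main__":
    db = open_db()
    # Constructed traffic: one source cycling through sender/recipient pairs.
    for i in range(5):
        print(i, handle(db, "192.0.2.10", f"s{i}@example.org",
                        f"r{i}@example.net", 1000 + i))
    print("rows kept for source:", pending(db, "192.0.2.10"))
```

A source that retries properly frees its slot on each accepted retry, so only sources that keep sending new sender/recipient pairs without retrying stay at the quota.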