[milters] Archive

Lists Index Date Thread Search

Article: 1118
From: Anthony Howe
Date: 2006-08-25 11:25:56 -0400
Subject: Re: milter-spamc greylist if not in AWL

Removal...........: milters-request@milter.info?subject=remove
More information..: http://www.milter.info/#Support
--------------------------------------------------------

rcgraves@brandeis.edu wrote:
> Quoting Anthony Howe <achowe@snert.com>:
>>> There's a lot of ways one could imagine combining greylisting and
>>> spamassassin; this is just one.
>> This will more of less NOT work as desired. RFC 2821 states that after
>> the final dot concerning a message content the ONLY responses possible
>> are accept or reject. Temporary failure is not an option. Therefore your
> 
> You're right, of course. Sent upstream to the scamgrey dude. I spent all my
> time looking at rfc 3463 for the "correct" enhanced smtp sub-code (your
> milter-gris uses 4.7.1 at rcpt time, several others have decided that it's
> safest to stick with 4.3.0, "undefined, my problem not yours") and never
> looked at 2821.

I disagree. Grey listing is a "security" policy therefore:

	X.7.1   Delivery not authorized, message refused

          The sender is not authorized to send to the destination.  This
          can be the result of per-host or per-recipient filtering.  This
          memo does not discuss the merits of any such filtering, but
          provides a mechanism to report such.  This is useful only as a
          permanent error.

I ignore the last sentence, since extended error codes were written 
before grey-listing came into fashion, so the author probably assumed 
there would no valid reason to temporarily refuse message.

> What do you think about this? It gives the correct envelope return path to
> spamassassin, which allows some SpamAssassin SPF rules to work that would
> otherwise never fire.

Its certainly feasible, but if you want to reject on SPF, its more 
efficient to do it pre-DATA with milter-spiff. Or use milter-spiff to 
tag the message and add the received-spf headers and then have SA pick 
those up for scoring.

-- 
Anthony C Howe          Skype: SirWumpus                    SnertSoft
+33 6 11 89 73 78         AIM: SirWumpus    Sendmail Milter Solutions
http://www.snert.com/     ICQ: 7116561
     http://www.snertsoft.com/

Lists Index Date Thread Search