[milters] Archive

Lists Index Date Thread Search

Article: 622
From: Andrew Lyon
Date: 2010-06-05 08:23:50 -0400
Subject: Re: Comments on this backscatterer.org?

On Thu, Jun 3, 2010 at 2:33 AM, Michael Mansour <mic@npgx.com.au> wrote:
> Hi Chris,
>> On Dec 10, 2008 Anthony Howe wrote:
>> >
>> > > Ultimately we ended up dropping milter-sender because it didn't have
>> > > a shared data pool for our multiple servers, so an email could end
>> > > was just the nail in the coffin for us.
>> >
>> > Something I've mentioned many times last year, which is implemented in
>> > BarricadeMX, is the multicast/unicast cache API has _still_ to be back
>> > ported to those milters using a cache (-ahead, -gris, -error, -sender,
>> > ...) which solves the cluster issue very nicely. Steve Freegard of FSL
>> > can attest to the effectiveness MCC API.
>> Hi Anthony,
>> I was attempting to use milter-gris against certain problematic IP ranges
>> to block spam, but once again ran into the issue where our multiple relay
>> hosts were holding mail up too long since they didn't share greylist
>> information.
> What greylist milter do you use?
> I seem to run a setup similar to yours and haven't had the issues you've
> experienced.
> Regards,
> Michael.
>> Has there been any progress one way or another?
>> Thanks!
>> Chris
>> ----------------------------------------------------------------------
>> National Center for Supercomputing Applications (NCSA)
> ------- End of Original Message -------

I can understand that some people do not like to receive sender
callout tests, but with proper caching I find it hard to believe the
comments about hundreds of thousands of callouts per second mentioned
on backscatterer.org , I certainly hope it doesn't become a popular
rbl as callout verification is one of the most effective and least
disruptive spam filtering methods I've found yet.

Regarding your problem, I think it may be possible to run a single
milter-sender host with multiple sendmail servers connecting to it,
rather than running milter-sender locally on each one.

Of course that does introduce a single point of failure but the
snertsoft milters are generally extremely stable and you could set
sendmail to skip the milter if the connection fails.


A socket specifier used to communicate between Sendmail and
milter-sender. Typically a unix named socket or a host:port. This
value must match the value specified for the INPUT_MAIL_FILTER() macro
in the sendmail.mc file. The accepted syntax is:
A named pipe. (default)
An IPV4 socket.
An IPV6 socket.

Use a ipvX socket instead of named pipe, and amend your sendmail config to suit.

Perhaps a single milter-host at each physical location would be a good


Lists Index Date Thread Search