From: Liviu Daia (Liviu.Daia@imar.ro)
Date: Mon Mar 04 2002 - 13:34:04 CST

On 4 March 2002, Will Day <willday@rom.oit.gatech.edu> wrote:
> A short time ago, at a computer terminal not so far away, Liviu Daia
> wrote:
[...]
> > Checking the complete envelope sender address (including
> >username) is the main purpose of existence of check_sender_access.
> >Fill in the missing details of the TCP maps as I described a few days
> >ago, and you have it over the network. Make an UDP version of it,
> >add some (simple) replication mechanism (caching is already there),
> >and you have a better RBL.
>
> I'll look at the TCP map. I had the impression there were still
> design issues that had to be finished for that, and I don't know that
> I'm qualified to decide those. If the design is already spec'd,
> and it's only implementation issues that are left, then that's more
> accessible.
The specs have been described by Wietse as follows:
On 18 December 2001, Wietse Venema <wietse@porcupine.org> wrote:
: Liviu Daia:
: > On 18 December 2001, Wietse Venema <wietse@porcupine.org> wrote:
: > > To implement, finish the Postfix TCP map,
: > [...]
: >
: > What exactly needs to be finished at the TCP map?
:
: The over the wire format, which would now preferably be attr_scan64()
: or attr_scan0() formatted, like the rest of Postfix.
:
: There needs to be a data dictionary for attribute names and
: values, such as:
:
:     name      value
:     ---------------------------------------------------------------
:     request   lookup, resolve, rewrite, ... (mandatory in request)
:     status    success, fail, retry (mandatory in reply)
:     reason    free text (optional)
:     key       free text (used in lookup request)
:     value     free text (used in lookup reply)
:
: More names to be defined as Postfix evolves.
:
: Wietse
I'm attaching a trivial patch that I wrote some time ago, which is
supposed to implement this idea, and a small Perl script for testing it
(WARNING: don't use the Perl script for anything else than testing, it
isn't prepared to cope with real-world conditions).
> I wasn't aware of available caching, either; that would certainly make
> it easier (hmm, is that util/ctable.c?).
I was imprecise. The client side already has some simple form of
TCP connection caching. Lookup caching is not yet there, but it could
be done on a per-connection basis (or perhaps on per-dictionary basis),
using circular lists and simple garbage collection.
> >Write what I called elsewhere a "policy daemon" having the existing
> >RBL as a backend, and you also have a system compatible to the rest
> >of the world. None of this would be excruciatingly hard (most of the
> >pieces are already ed in Postfix in some place or another), but it
> >would involve making some major design decisions.
>
> Hmm, policyd. Yeah, that seemed a rather much larger prospect, which
> I don't know if I'm prepared to tackle at this point.
Yes, that's the non-trivial part of the story. However, browsing
the sources for a while, you'll find out, like I said, that most of the
pieces for writing such a daemon are already in Postfix.
[...]
> >> Well, perhaps we should write a standard for a _new_, proper way
> >> to do it, then. :) Seriously. Otherwise, there's not an apparent
> >> alternative when folks are looking for solutions - and the existing
> >> method will just get used more and more.
> >
> > Personally, I made my point about all this many times in the
> >past, on various public lists. I don't expect that going through one
> >more iteration of the same process will suddenly have a meaningful
> >effect,
>
> I'd be happy to read some of your other discussions on the topic,
> given some good references (urls, google keywords, etc).
Sorry, I don't keep archives that old. I'm afraid searching for
"+Daia +RBL" is not going to be very useful either. :-)
> >and I really have better things to do than write formal specs about
> >which nobody cares. I have neither the time, nor the motivation for
> >such a task.
>
> Well, if _you_ care about it, then it's not really true that "nobody"
> cares about it. :) And I'd wager that, if you care, then there are
> probably others that do too.
[...]
Oh, I'm sure that, with some amount of carefully designed social
engineering, I could find maybe three people out there to listen to my
sermon. I was referring however to an approach that stands realistic
chances to actually influence the generally accepted standards. IMO,
working on something useful (like the RBL patch), no matter how small,
is a better way to spend your time than unearthing the reminiscences of
old crusades for standards. :-)
Regards,
Liviu Daia
-- 
Dr. Liviu Daia               e-mail:   Liviu.Daia@imar.ro
Institute of Mathematics     web page: http://www.imar.ro/~daia
of the Romanian Academy      PGP key:  http://www.imar.ro/~daia/daia.asc
- application/x-gunzip attachment: patch.snapshot-20011217.dict_tcp.1.gz
- application/x-gunzip attachment: dict_tcp_server.pl.gz
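
An added example, not part of the original message or of the attached patch and Perl script: a Python sketch of one lookup exchange using the attribute names from the data dictionary quoted above, with a server side that rejects malformed input. The framing (NUL-terminated name/value pairs ended by an empty name), the size cap, the sample table and the use of "fail" for a missing key are assumptions.

```python
# Added illustration. Assumed framing: NUL-terminated name/value pairs,
# with an empty name ending the message.
MAX_MSG = 4096                                     # assumed cap on one message
REQUESTS = {"lookup", "resolve", "rewrite"}        # from the data dictionary
SAMPLE_TABLE = {"spammer@example.com": "REJECT"}   # constructed sample data

def encode(attrs):
    out = bytearray()
    for name, value in attrs.items():
        n, v = name.encode(), value.encode()
        if not n or b"\0" in n or b"\0" in v:
            raise ValueError("bad attribute")
        out += n + b"\0" + v + b"\0"
    return bytes(out) + b"\0"                      # empty name = end of message

def _field(buf, pos):
    end = buf.find(b"\0", pos)
    if end < 0:
        raise ValueError("truncated message")
    return buf[pos:end].decode(), end + 1          # bad UTF-8 raises ValueError

def decode(buf):
    if len(buf) > MAX_MSG:
        raise ValueError("message too long")
    attrs, pos = {}, 0
    while True:
        name, pos = _field(buf, pos)
        if not name:
            break
        value, pos = _field(buf, pos)
        if name in attrs:
            raise ValueError("duplicate attribute")
        attrs[name] = value
    if pos != len(buf):
        raise ValueError("data after terminator")
    return attrs

def fail(reason):
    # Fixed reason strings: never echo client input back in the reply.
    return encode({"status": "fail", "reason": reason})

def handle_request(buf, table):
    try:
        req = decode(buf)
    except ValueError:
        return fail("malformed request")
    if req.get("request") not in REQUESTS:
        return fail("missing or unknown request")
    if req["request"] != "lookup" or "key" not in req:
        return fail("unsupported request")
    value = table.get(req["key"])
    if value is None:
        return fail("not found")
    return encode({"status": "success", "value": value})
```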