Re: best greylist method

From: Mike Horwath (drechsauiphouse.net)
Date: Tue Aug 01 2006 - 21:15:14 CDT


On Jul 31, 2006, at 3:31 AM, SATOH Kiyoshi wrote:
> On Mon, 31 Jul 2006 08:51:02 +0100
> Simon Waters <simonwzynet.net> wrote:
> Subject: Re: best greylist method
>
>> But I don't think these things are easily comparable. For example this box
>> runs the SBL-XBL blacklist before greylisting, I dare say the database would
>> be larger if we didn't, and one could easily grow the database by storing
>> more information to do a better job, and no doubt it will grow with time.
>
> I recommend Rgrey (S25R + greylisting), aiming at the same effect.
>
> S25R identifies whether the client is a dynamic IP from the pattern of
> the client FQDN.
> Only what matches S25R gets greylisting.
>
> There are the following benefits in Rgrey.
> - The risk of rejecting legitimate clients becomes lower.
> - The Postgrey database now contains fewer entries.

sqlgrey does the same thing, kinda.

It has greylisting by /24 unless the hostname matches a regex, at
that point it is instead done at the /32 level if the regex hits.

The regex is looking for dynamic/end-user RHS matches for DNS.

And it does it all within the one policy daemon :)

--
Mike Horwath drechsauiphouse.net
                          ipHouse - Welcome home!
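
The keying rule described in the reply above (greylist by /24, or by /32 when the client's reverse DNS looks dynamic), as an added example that is not part of the original message and is not sqlgrey's code. The regex, the function and class names, the 300-second delay, the IPv4-only handling and the treatment of a missing PTR as /24 are assumptions for illustration.

```python
import ipaddress
import re

# Assumed pattern for dynamic/end-user reverse DNS names; illustrative only,
# not the regex sqlgrey ships.
DYNAMIC_RDNS = re.compile(
    r"(^|[.-])(dyn|dynamic|dhcp|dsl|adsl|cable|ppp|pool|dialup)([.-]|\d)"
    r"|\d{1,3}[.-]\d{1,3}[.-]\d{1,3}[.-]\d{1,3}",
    re.IGNORECASE,
)

def client_key(ip, rdns):
    """Client part of the greylist key: /32 if the reverse DNS name looks
    like an end-user address, otherwise the enclosing /24 (IPv4 only)."""
    if rdns and DYNAMIC_RDNS.search(rdns):
        return ip + "/32"
    # Assumption: a client with no PTR record is keyed by /24 as well.
    return str(ipaddress.ip_network(ip + "/24", strict=False))

class Greylist:
    def __init__(self, delay=300):
        self.delay = delay        # seconds a new triplet must wait
        self.first_seen = {}      # (client_key, sender, rcpt) -> first timestamp

    def check(self, ip, rdns, sender, rcpt, now):
        key = (client_key(ip, rdns), sender.lower(), rcpt.lower())
        seen = self.first_seen.setdefault(key, now)
        return "accept" if now - seen >= self.delay else "defer"

def demo():
    # Constructed sample: a two-host mail farm retrying from a sibling
    # address, then two unrelated DSL clients in one /24.
    g = Greylist()
    msg = ("a@example.org", "b@example.com")
    return [
        g.check("192.0.2.17", "mail1.example.org", *msg, now=0),
        g.check("192.0.2.18", "mail2.example.org", *msg, now=400),
        g.check("198.51.100.5", "198-51-100-5.dsl.example.net", *msg, now=0),
        g.check("198.51.100.6", "198-51-100-6.dsl.example.net", *msg, now=400),
    ]

if __name__ == "__main__":
    print(demo())
```

The /24 key lets a retry from a different host in the same mail farm pass, while each dynamic-looking client has to earn its own entry.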