[Gross] RFE: check = database, rereading configuration file

Jesse Thompson jesse.thompson at doit.wisc.edu
Tue May 20 19:19:08 EEST 2008 

Eino Tuominen wrote:
> Jesse Thompson wrote:
>> Ernest Wypierowski wrote:
>>> I would like to change a policy during the night and be able to greylist
>>> all connections (beside dnswl).    For that reason I am missing a   con-
>>> figuration flag to modify the check from dnsbl to e.g. database.
>>
>> Neat idea.  Allowing for block_threshold and grey_threshold to be
>> changed through external input, or given time-formatted values, would be
>> an interesting feature request.
> 
> More sofisticated methods can be implemented if configuration system
> gets a rewrite sometime in the future.
> 
> But how about if checks could return bias to thresholds? A little like
> Puremessage rules can shift the final spam percentage by an absolute
> number.

It might be overkill.  Puremessage deals with thousands of factors that
bias the decision.  Gross usually deals with less than 10.

I'd rather see an ability to update some configuration variables without
restarting grossd.  This is more akin to how some of the SJSMS
configutil variables can be updated without refreshing the server.  This
way you can add/remove dnsbls, change thresholds, modify error messages,
etc, without disrupting the service.  To accomplish Ernest's goal of
lowering the grey_threshold during the night, one could put the command
to change the value in the server's crontab.

On the other hand, I don't think that I'd use this feature all that
much, so I don't consider it a priority.


> I mean that e.g. geoip check (not implemented yet, if you have good
> pointers to free databases, please share) could return bias if the mail
> comes in from some suspicious or highly trusted network. Some Finnish
> site that mostly exchanges mail with European countries could set rather
> strict thresholds and let geoip check raise the thresholds if sender ip
> is known to be European. Or time check could lower grey_threshold to 0
> during night time.

I think that geoip would be difficult to do live queries against, since
the end-result will be dependent on your location in addition to the
client_ip's location.  Perhaps geoip would be better used to feed a
locally hosted DNSBL or DNSWL that can then be queried by grossd.

Jesse

-- 
  Jesse Thompson
  Email/IM: jesse.thompson at doit.wisc.edu
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3353 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.utu.fi/pipermail/gross/attachments/20080520/beb4ba62/attachment.bin>

More information about the Gross mailing list