[Gross] Excellent program [ feature requests ]

Justin Piszcz jpiszcz at lucidpixels.com
Sun Oct 26 11:28:31 EET 2008



On Sun, 26 Oct 2008, Eino Tuominen wrote:

> Justin Piszcz wrote:
>> For RHSBL checks, can we implement the following:
>> - client rhsbl checks (hostname of client)
>> - helo rhsbl checks (what the client says the helo=)
>> - sender rhsbl checks (I assume this is what it does by default)
>> 
>> Similar to the following in postfix:
>> - reject_rhsbl_helo
>> - reject_rhsbl_client
>
> Sure, that's possible. But, are there any rhsbl's that truly work 
> efficiently?
Yes: black.uribl.com, multi.surbl.org, multi.uribl.com, rhsbl.ahbl.org

>
>> # DEFAULT: block_threshold = 0
>> block_threshold = 4
>> - Would it be possible to block if in more than X number of RBLs as well,
>>    regardless of the score?
>
> Yes it would (technically), but do you think it would really help? I mean, 
> could you just set up the weights for the RBL checks?
Yes for instance the weights could be different but if you have 10 RBLs and
its blocked in 5, the number of RBLs supersedes the weights.

Such functionality is implemented in the (unmaintained) policyd-weight,
www.policyd-weight.org.

Also, policyd-weight adds a PREPEND to the header of the e-mail to show 
you what the filter did (policyd-weight)- would this be possible to add to 
gross as well?

>
>
> Future considerations:
>
> After the new configuration system it would be more easy to define check 
> groups(, or check clusters). I mean one could state something like this in 
> the config file:
>
> check spamhaus {
>    type = dnsbl
>    zone = zen.spamhaus.org
>    in 127.0.0.4/30 {
>        weight = 4
>    }
>    in 127.0.0.2/32 {
>        weight = 8
>    }
>    weight = 1
> }
>
> check sorbs {
>    type = dnsbl
>    zone = dnsbl.sorbs.net
>    delay = 200 ms
> }
>
> check spamcop {
>    type = dnsbl
>    zone = bl.spamcop.net
>    weight = 2
> }
>
> # if matches both spamhaus and spamcop, adjust weight
> cluster hauscop {
>    matches = {spamhaus, spamcop}
>    weight = 4
> }
>
> I'm not sure if this would help grossd to be more efficient, but at least 
> it's doable.
>
> Also, the config format above is far from complete. I want it to be 
> understandable without the manual in hand. New ideas and contributions are 
> always welcome.
>
> --
>  Eino Tuominen
>



More information about the Gross mailing list