[Greylist-users] Greylist implementation for diskless firewall appliances

Regence 21 regence21 at hotmail.com
Sat Aug 23 22:25:22 PDT 2003


One potential use of greylisting I've been thinking about
is to implement it on a firewall appliance that has an SMTP
proxy. This enhances network security and reduces load
on mail servers from inbound spam.

There are some implementation issues which complicate
the situation. Many firewall appliances are diskless
Linux boxes that boot from flash RAM. Typically appliances
offer an SMTP proxy that provides security and spam
controls for inbound SMTP before it reaches an internal
MTA, but they have very little internal storage per se.

Given that there is no easy way to make greylisting
totally stateless, one solution might be to create a derivative
of the reference implementation for appliances which keeps
the database in RAM, and periodically stores a copy on
a nearby server using ftp or something similar. When
the appliance boots, it could retrieve the latest copy
instead of starting from scratch.

Some questions for the list:

How large is the SQL database likely to get? Would
it be feasible to use a RAM-based list without a proper
SQL database? Has anyone worked out a formula
for the size based on users/mail rate?

What issues would be created by periodically saving
a host copy of a RAM-based list which could be retrieved
by the appliance on a cold start? One problem which comes
to mind is somehow retrieving a stale list. The other is the
frequency of saves needed in order for the stored copy
of the database to be fresh enough to be useful.

Is greylisting likely to cause loading issues due to retries?

I realize it's still early in this implementation but I thought it
might be worth raising these issues now. A smart
appliance-based implementation of this concept could easily increase
the number of people using greylisting overnight to many
thousands of MTAs.

Thanks,

Brian
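
The RAM-resident list with a periodically saved copy that the message above proposes, as an added example (not part of the original post and not the greylisting reference implementation). The class name, the JSON snapshot format and every timing value are assumptions made for illustration; the restore step handles the stale-copy case raised in the post.

```python
import json

# All timing values are assumptions for illustration (seconds).
DELAY = 300                # a new triplet must wait this long before a retry passes
RETRY_WINDOW = 4 * 3600    # lifetime of a triplet that has not passed yet
PASS_TTL = 36 * 86400      # lifetime of a triplet that has passed
MAX_SNAPSHOT_AGE = 86400   # snapshots older than this are ignored at boot


class RamGreylist:
    def __init__(self):
        self.db = {}  # key -> [first_seen, expires, passed], held only in RAM

    def check(self, ip, sender, rcpt, now):
        """Return 'accept' or 'tempfail' (SMTP 4xx) for one delivery attempt."""
        key = "\x00".join((ip, sender.lower(), rcpt.lower()))
        rec = self.db.get(key)
        if rec is None or rec[1] <= now:       # unknown or expired: start over
            self.db[key] = [now, now + RETRY_WINDOW, False]
            return "tempfail"
        if now - rec[0] < DELAY:               # retried too soon
            return "tempfail"
        rec[1], rec[2] = now + PASS_TTL, True  # retried after the delay: pass
        return "accept"

    def prune(self, now):
        """Drop expired records to bound memory use."""
        self.db = {k: r for k, r in self.db.items() if r[1] > now}

    def snapshot(self, now):
        """Serialize passed triplets only; a lost pending one costs one more retry."""
        keep = {k: r for k, r in self.db.items() if r[2] and r[1] > now}
        return json.dumps({"saved_at": now, "db": keep})

    @classmethod
    def restore(cls, blob, now):
        """Cold start: stale, future-dated or unreadable copies give an empty list."""
        gl = cls()
        try:
            data = json.loads(blob)
            age = now - data["saved_at"]
            db = {k: [float(r[0]), float(r[1]), bool(r[2])]
                  for k, r in data["db"].items()}
        except (ValueError, KeyError, TypeError, AttributeError, IndexError):
            return gl
        if 0 <= age <= MAX_SNAPSHOT_AGE:
            gl.db = db
            gl.prune(now)
        return gl
```

A restored entry lets its triplet skip the delay, so the age check is not enough on its own: the copy should also be fetched over a channel that authenticates the server, which plain ftp does not do.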
