[Greylist-users] Greylist implementation for diskless firewall appliances

Evan Harris eharris at puremagic.com
Sun Aug 24 04:39:22 PDT 2003

On Sat, 23 Aug 2003, Regence 21 wrote:

> Given that there is no easy way to make greylisting
> totally stateless, one solution might be to create a derivative
> of the reference implementation for appliances which keeps
> the database in RAM, and periodically store a copy on
> a nearby server using ftp or something similar. When
> the appliance boots, it could retrieve the latest copy
> instead of starting from scratch.
> Some questions for the list:
> How large is the SQL database likely to get? Would
> it be feasible to use a RAM based list without a proper
> SQL database? Has anyone worked out a formula
> for the size based on users/mail rate?

The size of the data depends on the amount of mail traffic.  But suffice it
to say that more than likely, requiring it to be stored locally on an
embedded device would either limit the functionality of the implementation,
or exclude the device from use by users with anything but small amounts of
mail traffic.

If I were doing an implementation for an embedded application, I probably
would set it up to use a remote SQL host, so you don't need to store the
state locally.  Depending on a remote SQL server is only slightly more work
than a remote FTP or other storage server.

Another alternative is to modify the implementation so that less data is
needed to be kept, or that records are only kept for very short times.  In
either case, the drawbacks are pretty significant.

If there is sufficient ram for the DB, (16Meg or more) you may be able to do
it, but the amount of mail load it will handle may be fairly small,
especially since the spam rates are continuing to climb.  It may be
possible to solve the powerloss state issues by doing battery backed ram, or
another type of NV storage.


More information about the Greylist-users mailing list