[Greylist-users] Central whitelist database

Evan Harris eharris at puremagic.com
Tue Jun 24 17:42:09 PDT 2003


On Tue, 24 Jun 2003, Eirik Oeverby wrote:

> However there are many things that can be done before it gets to that.
> As a preparation, I have been toying with the idea of setting up some
> kind of central whitelist, a database that can be queried and/or
> subscribed to by people running MTAs and who wish to make the burden
> upon their users as small as possible.

I've considered this.  I was trying to devise a better mechanism than either
manual or a batched update or using a DNS-based system like the blacklists
do.

I haven't decided what way I'd like to do it.  I would rather stay away from
something that requires connecting to a "master" server.  How to manage
updates is also a problem, but I'll get to that in a bit.

In the meantime, I'd be happy to host a simple whitelist here alongside the
paper and code, if people want to submit their entries to me offlist.

> I can even think of a mechanism where this central greylisting can
> happen automatically. For instance, if mail from a certain domain is
> coming in often, and is always being let through over a period of time,
> it could be assumed that this domain must be a good one, since no one
> complained about it or blacklisted it. An MTA subscribing to the
> 'central' whitelist could then submit this domain for acceptance into
> this central database, where some kind of validation would happen (i.e.
> checking that this domain has also been submitted by others) and
> eventually it would be put into the database.

I don't think an automatic system based on traffic patterns is a good idea.
It is too easy for that type of system to be abused by spammers.  What would
stop them from installing a bunch of systems with some sort of fake client
to submit "good" reports for their own IPs?

Luckily, the sites that should need whitelisting should be pretty small, so
checking them by hand shouldn't be much of a problem.

I've already been planning on writing a script to sync "slave" greylisting
databases with a "master" database, specifically for use in cases where MX
hosts for a domain may be distributed network-wise.  As I described in my
paper, it's a good idea to run from a common database, but that becomes a
single point of failure.

If there's a script to sync databases, then each MX can run from its own DB
as long as it syncs occasionally (every half hour?), and that issue is
removed.

I already know how I plan to do this, just need to have the free time to
code it up.

Evan
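
Added example, not part of the original message and not Evan Harris's sync script: a sketch of the per-MX database idea above, where each MX keeps its own greylist table and a periodic merge carries a sender's first-seen time to the other hosts. The triplet key, the field names, the one-hour delay and the addresses are assumptions constructed for illustration.

```python
from dataclasses import dataclass

DELAY = 3600  # assumed minimum retry delay in seconds (constructed value)

@dataclass(frozen=True)
class Entry:
    first_seen: int  # epoch seconds of the first delivery attempt
    last_seen: int   # epoch seconds of the most recent attempt
    passed: int      # deliveries accepted after the delay

def check(table, key, now, delay=DELAY):
    """Greylist decision on one MX; key is (client_ip, sender, recipient)."""
    e = table.get(key)
    if e is None:
        table[key] = Entry(now, now, 0)
        return "tempfail"
    if now - e.first_seen < delay:
        table[key] = Entry(e.first_seen, now, e.passed)
        return "tempfail"
    table[key] = Entry(e.first_seen, now, e.passed + 1)
    return "accept"

def merge(a, b):
    """Union two per-MX tables without modifying either.

    Earliest first_seen and latest last_seen win; the counter takes the
    maximum, not the sum, so repeating a sync never inflates it. That
    makes the merge commutative and idempotent, which is what a
    half-hourly sync in any order between hosts needs.
    """
    out = dict(a)
    for key, e in b.items():
        cur = out.get(key)
        out[key] = e if cur is None else Entry(
            min(cur.first_seen, e.first_seen),
            max(cur.last_seen, e.last_seen),
            max(cur.passed, e.passed))
    return out

def demo():
    """First attempt hits mx1, the retry hits mx2 after the delay."""
    key = ("192.0.2.10", "alice@example.org", "bob@example.net")  # constructed
    mx1, mx2 = {}, {}
    first = check(mx1, key, 1000)
    unsynced = check(dict(mx2), key, 1000 + DELAY + 1)  # mx2 never saw mx1's record
    synced = check(merge(mx2, mx1), key, 1000 + DELAY + 1)
    return first, unsynced, synced

if __name__ == "__main__":
    print(demo())
```

Without the merge, a retry that lands on a different MX restarts the delay clock there, which is the cost of independent databases that the occasional sync removes.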