qgreylistrbl 0.5 review
Downloadqgreylistrbl is an add-on for qmail. Now there are a lot of methods against spam, I have combined two of them: greylisting only fo
|
|
qgreylistrbl is an add-on for qmail.
Now there are a lot of methods against spam, I have combined two of them: greylisting only for dialin nodes and nodes listed on a RBL. NDNs with more than one recipient will be rejected with permanent error messages and without a greylist entry. A test for EHLO/HELO spoofing was added: if a string is obviously spoofed, the connection will be rejected with a permanent error message, without a greylist entry, and advice to RFC2821. You can define a maximum number of recipients per email.
Greylisting returns a temporary SMTP error at the first delivery attempt. Most spam is sent from bulk mailers that don't retry, so these attempts are blocked. Real mail servers will retry later after a temporary error, allowing the message to go through.
Of course cannot all mail be delayed half an hour or longer to our customers. Thats why I have decided to modify the program qgreylist from Jon Atkins. I have added a RBL request to accept emails from not RBL listed nodes and to delay only dialin lines and RBL listed nodes. The script tests the PTR record of each connecting host for a regular expression to detect dialin nodes.
qgreylist from Jon Atkins puts all files in one base dir. qgreylistrbl creates here a directory structure because of performance reasons. The cleanup is now done by a separate cronjob script and not by qgreylistrbl itself, because when there were some ten thousand files inside the mail server nearly stands still.
Most bulk mailers and zombies,too, do not have queue management. They blast that much emails out into the net, they would be swamped with it. An Example: We use a UW-160 Raid 10 for the queue, but the usual zombie out there has only one IDE disc. Beside even a layman would ask why his hard drive was running all the time.
Effect
80% less spam. Yes, truly. No false positives, NO email gets lost.
Usage
qgreylistrbl is a replacement for rblsmtpd by D.J. Bernstein. Simply put qgreylistrbl instead of rblsmtpd in the command line for starting qmail-smtpd.
Performance
qgreylistrbl is a Perl script. Expect some CPU usage. If you run a QMAILQUEUE-patched version of qmail-smtpd and spamassassin, the load will decrease extensive, because most connection attempts do not cause a mail delivery. With perl > 5.6.1 you can precompile the source code with perlcc.
Installation:
Just copy the perl script wherever you want and edit the start script for qmail-smtpd. qgreylistrbl is a simple replacement for rblsmtpd from D.J. Bernstein and can be used the same way.
Create the greylist IP folder:
# mkdir /var/qmail/qgreylistrbl
# chown qmaild /var/qmail/qgreylistrbl
Adjust User
If you need to install the perl module Mail:RBL, just do the following:
From the root prompt on your server, invoke the CPAN shell:
# perl -MCPAN -e shell
Once the Perl interpreter has loaded (and been configured), you can install modules by issuing the command install MODULENAME.
The first thing you should do is upgrade your CPAN:
cpan> install Bundle::CPAN
Once it's done (it will take a while, just enter all questions), type:
cpan> reload cpan
Now, enter the following command to retrieve all of the required modules:
cpan> install Mail::RBL
Then you can be shure everything is installed to correct locations.
Configuration:
At the beginnung of the script you have to adjust a few variables. See script for more details. Important are hostname, working directory, some paths and RBL services. You have to add a crontab entry as follows:
*/20 * * * * vpopmail /var/qmail/bin/qgreylist_cleanup.pl
Adjust user, path and time before.
Don't forget so set up logging facility in /etc/syslog.conf
Requirements:
Perl
What's New in This Release:
Lots of bugfixes
vpopmail support removed because of too little effect and performance reasons
qgreylistrbl 0.5 search tags