Lloyd Standish schreef:
A combination of Sendmail-milters (like DNSBL), followed by
SpamAssassin, is what a lot of mail servers use to fight spam. The DNSBL
is to SMTP-Reject most of it. Other milters can do a challenge-response
:) on the identity of the delivering server, like Reverse DNS. But I
think you already said that you can not optimize the server.
I am working to replace my current challenge-response system with a
procmail-powered whitelist scheme without challenges. This will
require daily review of a log of mails from non-whitelisted
addresses, and the temptation is to blacklist the sender address of
every message identified positively as spam.
What would you define as the "sender address"?
You could go for the same triple as greylisting uses:
{SERVER-IP, SMTP-MAIL-FROM (=Sender), SMTP-RCPT-TO (=Recipient)}
and treat every new triple as a potential spammer. Deliver a report of a
stalled message to the Recipient(s) and let them click on
Block / Maybe OK / Accept
where Block will insert the triple into the blocklist, Accept will
insert the triple into the greenlist and deliver the message, and Maybe
OK will only deliver the message but not change any list.
If the elements of the triple are not given to procmail (like by
Sendmail, through parameters), then you'll have to try to reconstruct
them from the message. There are often only limited ways to do that.
--
Grtz, Ruud
____________________________________________________________
procmail mailing list Procmail homepage: http://www.procmail.org/
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail