-----Original Message----- From: Noel Jones
Sent: Saturday, January 17, 2015 12:20 AM
You want to conditionally run some extra restrictions based on the
outcome of prior restrictions? Some of the existing policy servers
do weighted scoring, which gives very similar results.
Conditional greylisting? Some of the existing greylisting daemons
do that already.
Do you have any specific suggestions?
I looked at several policy servers and could not find one that could
be (natively) configured to do what I want -- and I would like to
avoid hacking/patching the internals...
In fact, generally I feel that one of the problems with existing
policy servers is that there are too many of them, without clear
leader or clear comparison available =)
The mtpolicyd can be used to apply actions based on scoring.
The default configuration builds a score based on dns
whitelist/blacklists, spf and
geoip and applies actions based on the score:
https://github.com/benningm/mtpolicyd/blob/master/etc/mtpolicyd.conf
Based on the score the client is:
* rejected (and if configured with fail2ban blocked on IP layer)
* greylisted
* pass
If you're familiar with perl it should be easy to implement your own
checks in plugins
(without hacking internals):
https://www.mtpolicyd.org/getting-started.html#Mail::MtPolicyd::Cookbook::BasicModule
There are already several plugins:
https://www.mtpolicyd.org/documentation.html
Feedback, code, bug reports, requests welcome.
Markus
--
Markus Benning, https://markusbenning.de/
