I'd not heard of a Bloom filter before, clever trick. What I don't see
anything about is whether this package has any notion of cleanup.
Descriptions of bloom filters specifically say that over time they
"fill" with false matches - meaning that over time, it's going to
start permitting mails that should be greylisted. Have you seen that
as a problem, or know how it's normally handled ?
I'm not entirely sure how the cleanup exactly works, but here's an
excerpt from the documentation in the conf file which probably relates
to that:
# 'filter_bits' is the size of the bloom filter. Size will be
2^filter_bits
# lowering this value will increase the probability of false matches
# in each individual bloom filter
# DEFAULT: filter_bits = 24
# 'number_buffers' is the number of filters used in the ring queue
# raising this value will cause an entry to stay in the servers' memory
longer
# DEFAULT: number_buffers = 8
# 'rotate_interval' is the number of seconds between filter rotation.
# Let N := 'number_buffers' and I := 'rotate_interval'. An entry will
# stay in the servers' memory for (N - 0.5) * I seconds in average.
# DEFAULT: rotate_interval = 3600
Anyway, I haven't experienced any problem so far (and this setup has
been running like forever, definitely more than 3 years; the only thing
is that it crashes about once a month and has to be restarted :-D ). But
yeah, it's not a disaster (for me) if there is a "false" positive (i.e.,
no greylisting when there should have been), e.g., when a spamming
server isn't on any RBL yet. And some spam gets through anyway even with
greylisting, so it's just one defense in an entire line. Here's what it
says on my (low volume) server:
Jun 1 16:54:19 fry grossd: grossd summary since startup (startup, now,
trust, match, greylist, block): 1461058621, 1464792859, 5086, 827, 1553,
175
Jun 1 16:54:19 fry grossd: grossd dnsbl matches (dbl.spamhaus.org,
fresh15.spameatingmonkey.net, urired.spameatingmonkey.net,
cbl.abuseat.org, b.barracudacentral.org, bl.spamcop.net,
dnsbl.sorbs.net, zen.spamhaus.org, dnsbl-3.uceprotect.net,
bl.blocklist.de, ix.dnsbl.manitu.net): 51, 188, 110, 444, 1091, 323,
982, 141, 78, 230, 598
_______________________________________________
Users mailing list
[email protected]
http://lists.policyd.org/mailman/listinfo/users_lists.policyd.org
