SEO

I'm wondering if there's a way to have spamd automatically
whitelist *blocks* of addresses?

Why: various large email providers (gmail comes to mind) will
resend the (greylisted) email on different outgoing SMTP servers.
Since I don't get enough email to populate all the outgoing SMTP
servers as whitelist entries, it's a pain. Also, I don't want to
be micromanaging the email server to see which IP addresses are
getting through and which ones aren't and manually adding them
to the whitelist.

How: I'd propose a flag on the command line, that gives the CIDR
prefix (the "/nn" value) for blocks of addresses. So, you'd
specify something like -X24 and this would basically view all
ip addresses /24 as being "the same" for the purposes of
whitelisting. Thus, an attempt on 1.2.3.4 and 1.2.3.5 would be
considered as two attempts on the "same" IP address...

Thoughts?

Cheers,
-RK

--
Robert Krten, Antique computer collector looking for PDP-series
minicomputers; check out their "good home" at www.parse.com/~museum
Email address is valid; greylisting spam filter in effect.

rk@parse.com (Robert Krten) writes:

> I'm wondering if there's a way to have spamd automatically
> whitelist *blocks* of addresses?

spamd.conf(5) says:

The format of the list of addresses is expected to consist of one network
block or address per line (optionally followed by a space and text that
is ignored). Comment lines beginning with # are ignored. Network blocks
may be specified in any of the formats as in the following example:

# CIDR format
192.168.20.0/24
# A start - end range
192.168.21.0 - 192.168.21.255
# As a single IP address
192.168.23.1

Is this not working?

// marc

Marco S Hyman <marc@snafu.org> wrote:
> rk@parse.com (Robert Krten) writes:

> > I'm wondering if there's a way to have spamd automatically
> > whitelist *blocks* of addresses?

> spamd.conf(5) says:

> The format of the list of addresses is expected to consist of one network
> block or address per line (optionally followed by a space and text that
> is ignored). Comment lines beginning with # are ignored. Network blocks
> may be specified in any of the formats as in the following example:

> # CIDR format
> 192.168.20.0/24
> # A start - end range
> 192.168.21.0 - 192.168.21.255
> # As a single IP address
> 192.168.23.1

> Is this not working?

You missed the word "automatically" from my post... :-)

Suppose 1.2.3.4 tries to send mail, and gets greylisted. 15 minutes later,
the same ISP, but on a different SMTP server, say 1.2.3.5 tries to resend the
mail. Then again on 1.2.3.6. After a few hours of going through all the
SMTP servers, it gives up. The mail doesn't get delivered.

What I'm proposing is to add the -X (or whatever) option that allows me
to specify a CIDR block so that the addresses 1.2.3.4, 1.2.3.5, and 1.2.3.6
are all "recognized" as if they were the same address -- that is, the third
attempt, the one from 1.2.3.6, will cause the entire block to be whitelisted,
automatically...

Does that clarify it?

I don't think it presents significant harm, because the default can be 32,
meaning that each address is its own block. Even with a value of 24 that
is usually ok, it will catch class C blocks and would solve my example
problem of 1.2.3.4 through 1.2.3.6

Cheers,
-RK

--
Robert Krten, Antique computer collector looking for PDP-series
minicomputers; check out their "good home" at www.parse.com/~museum
Email address is valid; greylisting spam filter in effect.

Robert Krten <rk@parse.com> wrote:
> Marco S Hyman <marc@snafu.org> wrote:
> > rk@parse.com (Robert Krten) writes:

> > > I'm wondering if there's a way to have spamd automatically
> > > whitelist *blocks* of addresses?

> > spamd.conf(5) says:

> > The format of the list of addresses is expected to consist of one network
> > block or address per line (optionally followed by a space and text that
> > is ignored). Comment lines beginning with # are ignored. Network blocks
> > may be specified in any of the formats as in the following example:

> > # CIDR format
> > 192.168.20.0/24
> > # A start - end range
> > 192.168.21.0 - 192.168.21.255
> > # As a single IP address
> > 192.168.23.1

> > Is this not working?

> You missed the word "automatically" from my post... :-)

And I may not have specified a key point -- I don't know the IP address
in advance; otherwise, sure, like you surmized, I'd simply whitelist the
entire class C address...

[snip]

Cheers,
-RK
--
Robert Krten, Antique computer collector looking for PDP-series
minicomputers; check out their "good home" at www.parse.com/~museum
Email address is valid; greylisting spam filter in effect.

rk@parse.com (Robert Krten) writes:

> You missed the word "automatically" from my post... :-)

Ahh, got it. What I've done is use a variation of the list published on
greylisting.org -- http://www.greylisting.org/whitelisting.shtml -- to
seed my whitelist file. It contains the address blocks of some of the
common mail pools.

// marc