felix / gross Goto Github PK
View Code? Open in Web Editor NEWGreylisting of suspicious source (exported from code.google.com/p/gross)
License: Other
Greylisting of suspicious source (exported from code.google.com/p/gross)
License: Other
Make grossd to accept milter connections
Original issue reported on code.google.com by [email protected]
on 1 Feb 2007 at 6:42
There should be an option for grossd that makes it always send STATUS_TRUST
response. That way
one could safely simulate grossd in a live environment.
Original issue reported on code.google.com by [email protected]
on 10 Jan 2007 at 11:01
No grosscheck treats empty sender address as an error. It means that DSN's will
never get
greylisted. Sometimes spammers send mail with MAIL FROM:<>.
Original issue reported on code.google.com by [email protected]
on 20 Dec 2006 at 5:22
ordb has announced that they are shutting down their DNSBL. relays.ordb.org
must be removed
from the example config.
Original issue reported on code.google.com by [email protected]
on 19 Dec 2006 at 8:56
Make it possible to have ONE instance of grossd, which can both be called for a
check-WITH-dnsbl
and for a check-WITHOUT-dnsbl
Original issue reported on code.google.com by [email protected]
on 12 Jan 2007 at 11:36
The default config file path seems to be NONE/etc/grossd.conf, if --prefix was
not supplied
explicitly during configure.
open("NONE/etc/grossd.conf", O_RDONLY) Err#2 ENOENT
Original issue reported on code.google.com by [email protected]
on 20 Dec 2006 at 9:29
Would it be possible to have an option to set the amount of time a triplet
will be greylisted? Currently, it's effectively set to 0, since it will
accept the 2nd attempt immediately. I've heard of other greylisting
implementations that will greylist for up to 24 hours (extreme setting IMO)
before letting the messages through.
Assuming you have Y buffers, and X is your 'greylisting_buffer_offset' (or
whatever) option. Instead of doing a logical OR on 0 through Y-1 buffers,
only do the logical OR on X through Y-1 buffers. 0 through X-1 buffers are
never queried.
Original issue reported on code.google.com by [email protected]
on 12 Jan 2007 at 4:23
This is because delay() gets one message out from the queue when sleeping.
Original issue reported on code.google.com by [email protected]
on 18 Jan 2007 at 2:13
This is an RFE for the addition of a new check to perform a dns lookup on
the client_ip and obtain the reverse dns value and then match this value
against multiple regular expressions to determine if the message should be
greylisted.
The idea is that the reverse dns of the client_ip may indicate that the
sending host is not a normal mail server. e.g. it contains 'dhcp' or 'pool'
It should be considered that this could be used as a blacklist of sorts,
and what will happen if an administrator adds an excessive number of
regular expressions.
Original issue reported on code.google.com by [email protected]
on 10 Aug 2007 at 5:21
Processing delay (query received - response sent) should be logged.
Original issue reported on code.google.com by [email protected]
on 21 Dec 2006 at 11:10
dns-query accounting should be configurable.
Original issue reported on code.google.com by [email protected]
on 18 Dec 2006 at 6:31
grossd should skip only dnsbl checks when configured with --disable-dnsbl
Original issue reported on code.google.com by [email protected]
on 20 Apr 2007 at 8:00
grossd needs a separate command line option to enable debug logging. -d should
only run the
server on foreground with the default log level.
Original issue reported on code.google.com by [email protected]
on 20 Dec 2006 at 4:51
$prefix/lib installs with wrong permissions, and is not world accessible.
Original issue reported on code.google.com by [email protected]
on 19 Dec 2006 at 8:55
No grosscheck treats empty sender address as an error. It means that DSN's will
never get
greylisted. Sometimes spammers send mail with MAIL FROM:<>.
Original issue reported on code.google.com by [email protected]
on 20 Dec 2006 at 5:03
Change configuration to allow host names.
Original issue reported on code.google.com by [email protected]
on 9 Jan 2007 at 1:37
Tolerance counters break on OS X because it has no sem_getvalue()
Original issue reported on code.google.com by [email protected]
on 13 Jan 2007 at 7:33
Having an empty secondary host in mappings entry will break grosscheck. It will
treat client ip as a
port number to connect to. Right way to disable failover queries is set the
secondary server address
to '0'.
Original issue reported on code.google.com by [email protected]
on 12 Jan 2007 at 8:07
I was reading through http://en.wikipedia.org/wiki/Greylisting
"When a mail server is greylisted, the duration of time between the initial
delay and the re-transmission is variable. Some mail servers use a default
of 4 hours, though most will retry sooner."
we should configure the default number_buffers and rotate_interval to give
a total time of 4+ hours.
It would be worthwhile to survey other greylisting implementations to
figure out what they have found to be successful
Original issue reported on code.google.com by [email protected]
on 12 Jan 2007 at 4:06
Feature request: allow for configurable logging location
(I know that this is already on the TODO list in the README.)
Original issue reported on code.google.com by [email protected]
on 10 Jan 2007 at 2:35
It would be helpful if the timeout/retry/failover behavior was documented.
Original issue reported on code.google.com by [email protected]
on 17 Jan 2007 at 9:30
Currently it is possible to compile gross with- and without dnsbl. It would
be useful to be able to use gross both with- AND without dnsbl, using the
same instance with only one configuration file.
E.g. compile always with support for dnsbl
Gross determines whether dnsbl's lookups must be done or not, based upon
the presence (or absence) of dnsbl statements in the configuration file. IF
no dnsbl entries in the configfile THEN do not query any dnsbl, ELSE do
query the defined dnsbl's.
Original issue reported on code.google.com by [email protected]
on 2 Mar 2007 at 3:27
I would prefer only one log line per request. I know that this may
sacrifice readability, but it would make it easier to parse and give a
potentially smaller overall log size.
Original issue reported on code.google.com by [email protected]
on 18 Jan 2007 at 10:42
We must provide users a table showing how the size of the bloom filter affects
the error probability.
Original issue reported on code.google.com by [email protected]
on 19 Dec 2006 at 5:28
SJSMS client library path is wrong in the INSTALL document. It's due to package
name change from
grossd to gross.
Original issue reported on code.google.com by [email protected]
on 19 Dec 2006 at 8:58
There should be a command line option to create the configured state file.
Original issue reported on code.google.com by [email protected]
on 19 Dec 2006 at 5:26
requesting a new type of check that will query the client_ip against
various DNS WhiteLists
Original issue reported on code.google.com by [email protected]
on 24 Jan 2007 at 4:56
This is a request for enhancement for a new check type to perform a reverse
dns lookup on the client_ip, then perform a lookup on this value and
confirm that it resolves back to the client_ip.
Original issue reported on code.google.com by [email protected]
on 10 Aug 2007 at 5:24
There is no need for --with-worker configure option. Different servers should
be configured in
config file.
Original issue reported on code.google.com by [email protected]
on 15 Jan 2007 at 10:46
synchost, syncport and peerhost should be replaced by
sync = [localip:[port:]]peerip
Original issue reported on code.google.com by [email protected]
on 22 Dec 2006 at 2:30
It would be interesting to configure gross to query the sophos puremessage
IP blocker in addition to (or instead of) the DNSBLs. I think I have some
example code laying around somewhere.
Original issue reported on code.google.com by [email protected]
on 5 Jan 2007 at 5:19
There should be man pages for at least grossd.
Original issue reported on code.google.com by [email protected]
on 25 Apr 2007 at 4:38
[email protected]:
"it would be nice if gross would log to the $BASE/log directory. E.g.
when having /usr/local/gross, log to /usr/local/gross/log/grossd.log."
I gave it a low priority for now as we already have syslog logging.
Original issue reported on code.google.com by [email protected]
on 2 Feb 2007 at 10:05
Update queues should be synchronized. This is vital if the greylist_delay
is much longer than the default 10 seconds.
Original issue reported on code.google.com by [email protected]
on 16 Jan 2007 at 8:01
It would be helpful if the timeout/retry/failover behavior was documented.
It would also be helpful if this were somewhat configurable
Original issue reported on code.google.com by [email protected]
on 5 Jan 2007 at 5:17
If gclient is run on host of different endianess of the server, the protocol
breaks and grossd exits.
Original issue reported on code.google.com by [email protected]
on 5 Jan 2007 at 6:53
It seems that automake is not yet aware of the file
Original issue reported on code.google.com by [email protected]
on 19 Dec 2006 at 5:20
Grossd crashes:
Thu Jan 18 12:06:06 2007 #8: threadpool 'sjsms' starting
Thu Jan 18 12:06:06 2007 #5: initializing postfix thread pool
Thu Jan 18 12:06:06 2007 #5: doubling the space for message queues from 4 to 8
Thu Jan 18 12:06:06 2007 #9: threadpool 'postfix' starting
Thu Jan 18 12:06:06 2007 #8: threadpool 'sjsms' processing
Thu Jan 18 12:06:06 2007 #8: threadpool 'sjsms' starting another thread
Thu Jan 18 12:06:06 2007 #8: query from 127.0.0.1
Thu Jan 18 12:06:06 2007 #a: threadpool 'sjsms' starting
Assertion failed: brq, file bloom.c, line 350
Abort - core dumped
Original issue reported on code.google.com by [email protected]
on 18 Jan 2007 at 2:10
When testing postfix protocol I discovered that there is no \r\n line
terminators in the policy
protocol. They must be changed to plain \n.
Original issue reported on code.google.com by [email protected]
on 21 Dec 2006 at 2:30
how feasible will it be to configure replication across more than 2 servers
for greater load balancing and redundancy?
Original issue reported on code.google.com by [email protected]
on 18 Jan 2007 at 10:39
The default location for the config file is $PREFIX/etc/grossd. grossd should
look for the file there,
not in the current working directory.
Original issue reported on code.google.com by [email protected]
on 19 Dec 2006 at 5:23
From wikipedia: http://en.wikipedia.org/wiki/Greylisting
"In practice, most greylisting systems do not require an exact match on the
IP address and the sender address. Because large senders often have a pool
of machines that can send (and resend) e-mail from, IP addresses that have
the most-significant 24 bits (/24) the same are treated the equivalent, or
in some cases SPF records are used to determine the sending pool.
Similarly, because many mailing lists use Variable envelope return path
(VERP), if an exact match on the sender address is required, each post from
the mailing list will be delayed. Instead, some greylisting systems try to
eliminate the variable parts of the VERP by using only the sender domain
and the beginning of the local-part of the sender address."
Perhaps there could be a configurable options to make gross treat pooled IP
addresses equivalent
e.g.
match_ipaddr=24
Original issue reported on code.google.com by [email protected]
on 12 Jan 2007 at 4:11
What steps will reproduce the problem?
1. compile
2. start grossd -d
What is the expected output? What do you see instead?
Grossd shutdown with exit code 2: pthread_create No such file or directory
Please use labels and text to provide additional information.
Original issue reported on code.google.com by [email protected]
on 18 Dec 2006 at 9:14
Feature request: allow for configurable error message in SMTP response
Original issue reported on code.google.com by [email protected]
on 10 Jan 2007 at 2:37
the blocker queries seem to work as expected, but they cause a segmentation
fault after a short time period
debugging information sent to Eino.
Original issue reported on code.google.com by [email protected]
on 18 Jan 2007 at 10:44
Here is an idea for new configurable option:
grey_update_max = int
where the database will not update if more than grey_update_max checks match
this will give these senders a perpetual temp block, which is effectively
the same as a perm block, without too much of a code redesign.
it would require that check short-cutting would have to be disabled
Original issue reported on code.google.com by [email protected]
on 24 Jan 2007 at 5:13
There seems to be a lot of open udp connections when using grosscheck.so with
SJSMS.
Original issue reported on code.google.com by [email protected]
on 30 Jan 2007 at 12:13
requesting new feature to query the right-hand side of the sender address
against various RHSBLs
Original issue reported on code.google.com by [email protected]
on 24 Jan 2007 at 4:55
We could have Python hooks so that checks could be written in Python instead of
C. Also, the check
result evaluation could be handed over to a Python module. That way complicated
policy
requirements could be easily fulfilled.
Original issue reported on code.google.com by [email protected]
on 13 Jan 2007 at 4:48
gcc makes grosscheck so dependent on libgcc_s.so.1
configure should add -static-libgcc option for grosscheck target when compiling
with gcc.
Original issue reported on code.google.com by [email protected]
on 15 Jan 2007 at 6:18
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.