Date: Sat, 7 Apr 2007 22:18:18 +1000 From: "Christopher Martin" <outsidefactor@iinet.net.au> To: "'Chuck Swiger'" <cswiger@mac.com> Cc: freebsd-questions@freebsd.org Subject: RE: Receiver (To/CC envelope fields) addresses verification against LDAP/Active Directory in sendmail Message-ID: <06d101c7790e$d3b9f130$d315a8c0@SAURON> In-Reply-To: <46165C9A.7040906@mac.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> -----Original Message----- > From: Chuck Swiger [mailto:cswiger@mac.com] > Sent: Saturday, 7 April 2007 12:44 AM > > You don't seem to mention using greylisting-- that will return a 4xx temp > failure for all initial connections (except from sites which have been > whitelisted). Only if the sender retries will the mail go through-- this > works great against dictionary-style attacks. > > -- > -Chuck The nervous nelly's above me with more sway are anti-greylisting, and my powers of persuasion have not been up to the task of changing their thinking. I have also read many comments along the lines of "It won't be long before the spammers change their tactics again to remove the effectiveness of greylisting" Additionally, we have a sales department and they all whinge about any sort of lag, and get full support of management to yell at us when they have to wait an extra minute or two for mail to arrive (and boy do they complain when a 30 MB e-mail takes 10 minutes to get to a client! Not that that is relevant to this subject). I guess I could white-list out all of sales' and senior management's addresses. I could even do an export from Active Directory to produce the whitelist, and that would allow me to only do certain departments. And worse case scenario is everyone's mail is delayed a little, where as the other method could result in lost mail if the LDAP query gets weird results. As that actually is lowering risk I could probably convince management on that footing. Great suggestion! Will have to run up a trial and check it out. Chris Martin
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?06d101c7790e$d3b9f130$d315a8c0>