Tuesday, March 18, 2008

Now Using Greylite

In this old post, I spilled the beans on my new and improved spam filtering triple play: dspam, qgreylist and RBL checking. Overall, the system has worked well over the last four months, though I have noticed the increasing volume of spam showing up in my spam folder.

I suspected that the very simple form of greylisting implemented in qgreylist was the culprit, and after a bit of investigation, I found out that this indeed was the case. So, I set out to see if there was another greylisting implementation which could be used in my qmail installation.

Using my google-fu, I quickly zeroed in on Greylite. After reading up on it, I found that it held several advantages over qgreylist:
  1. Written in C instead of perl, so it should perform a bit snappier and be less of a burden on the mail server.
  2. Instead of only considering the IP address of the sender as qgreylist does, greylite considers the complete triplet of {IP address, from, to} before validating an IP address.
  3. All data is stored in a single sqlite3 database, whereas qgreylist stored the verified IP addresses as files in a single directory, which clutters the filesystem and increases access time in that directory as more IPs are validated.
  4. Greylite appears to have some enhanced functionality called `tuning suspicion' which allows you to customize how it behaves in certain circumstances.
To install it on my debian box, I first had to install sqlite3 (and the associated development libraries). Then, I downloaded the source code and followed the simple directions that came with it.

Less than 5 mintues later, and the server was up and running with its new greylisting implementation up and working perfectly. Flawless victory!

2 comments:

  1. Can you show file with rules,
    I like idea of greylite but man page is terrible

    ReplyDelete
  2. Unfortunately, I am no longer hosting our email. I gave up the headache and transfered it to Google.

    Sorry I couldn't be of more help!

    ReplyDelete