- This topic is empty.
-
Posts
-
I have been doing a lot of work lately with SMTP greylisting and have implemented this on a router product I use. It occurred to me that this could be a very effective addon for ZS.
It works by greylisting every inbound mail SMTP and delaying delivery. Only if the sender retries the same delivery triplet (source IP, source address and destination address) after preset time will mail get through.
This is easily done using an SMTP proxy and there are quite a few for postfix and others e.g. spey, postgrey etc.
The config on ZS could be very easy. A basic interface that allows:
enable/disable service
address of email server to send traffic on to (internal mail)
Greylist time – how long after a “new” triplet is added until it is allowed to send mail and how long an entry is retained since the last mail was received. I use 30 mins and 30 days.
Optional whitelist – source domains and addresses that can send mail with no check. Not really that critical IMOApart from that keep the interface simple. Setup would be to deliver SMTP to WAN i/f of ZS via MX. If service is disabled then allow traffic through if a NAT rule is in place. If service is enabled deliver SMTP to SMTP proxy on ZS box which then processes it.
Would anyone else think this would be useful?
After the release 1.0.beta8 of Zeroshell which will have the Netbalancer, one of the next release will have the SMTP server (Postfix MTA) with Spamassasin and a Greylist system to filter the spam messages.
Regards
Fulvio
- You must be logged in to reply to this topic.