Kamaelia.Apps.Grey.GreyListingPolicy

• component GreyListingPolicy

• Greylisting Policy For/Subclass Of Concrete Mail Handler
  • Example Usage
  • How does it work?

Greylisting Policy For/Subclass Of Concrete Mail Handler

This component implements a greylisting SMTP proxy protocol, by subclassing ConcreteMailHandler and overriding the appropriate methods (primarily the shouldWeAcceptMail method).

For more detail, please see http://www.kamaelia.org/KamaeliaGrey

Example Usage

You use this as follows (at minimum):

ServerCore(protocol=GreyListingPolicy, port=25)

If you want to have a hardcoded/configured greylisting server you could do this:

class GreyLister(ServerCore):
    class protocol(GreyListingPolicy):
        allowed_senders = []
        allowed_sender_nets = []
        allowed_domains = [ ]

GreyLister(port=25)

How does it work?

Primarily it override the method shouldWeAcceptMail, and implements the following logic:

if self.sentFromAllowedIPAddress():  return True # Allowed hosts can always send to anywhere through us
if self.sentFromAllowedNetwork():    return True # People on truste networks can always do the same
if self.sentToADomainWeForwardFor():
    try:
        for recipient in self.recipients:
            if self.whiteListed(recipient):
                return True
            if not self.isGreylisted(recipient):
                return False
    except Exception, e:
        pass
    return True # Anyone can always send to hosts we own

Clearly AllowedIPAddress, AllowedNetwork, whiteListed, and DomainWeForwardFor are fairly clear concepts, so for more details on those please look at the implementation.

isGreylisted by comparison is slightly more complex. Fundamentally this works on the basis of saying this:

• have we seen the triple (ip, sender, recipient) before ?
• if we have, then allow the message through
• otherwise, defer the message

Now there is a little more subtlty here, based on the following conditions:

• If greylisted, and not been there too long, allow through
• If grey too long, refuse (restarting the greylisting for that combo)
• If not seen this triplet before, defer and note triplet
• If triplet retrying waaay too soon, reset their timer & defer
• If triplet retrying too soon generally speaking just defer
• If triplet hasn't been seen in aaaages, defer
• Otherwise, allow through & greylist them

---

Kamaelia.Apps.Grey.GreyListingPolicy.GreyListingPolicy

class GreyListingPolicy(Kamaelia.Apps.Grey.ConcreteMailHandler.ConcreteMailHandler)

Inboxes

Outboxes

Methods defined here

isGreylisted(self, recipient)

logResult(self)

sentFromAllowedIPAddress(self)

sentFromAllowedNetwork(self)

sentToADomainWeForwardFor(self)

shouldWeAcceptMail(self)

whiteListed(self, recipient)

Methods inherited from Kamaelia.Apps.Grey.ConcreteMailHandler.ConcreteMailHandler :

• getline_fromsmtpserver(self)
• handleVrfy(self, command)
• handleQuit(self, command)
• handleMail(self, command)
• __init__(self, **argv)
• handleNoop(self, command)
• handleRset(self, command)
• handleData(self, command)
• deferMail(self)
• handleDisconnect(self)
• handleRcpt(self, command)
• handleEhlo(self, command)
• RelayError(self)
• handleHelo(self, command)
• handleConnect(self)
• error(self, message)
• handleHelp(self, command)
• connectToRealSMTPServer(self)
• acceptMail(self)

Methods inherited from Kamaelia.Apps.Grey.MailHandler.MailHandler :

• noteToDebugLog(self, line)
• noteToLog(self, line)
• lastline(self)
• main(self)
• getline(self)
• handleCommand(self, command)
• netPrint(self, *args)
• logging_recv_connection(self)