Thursday, August 16, 2007
Notes on an anti-spam system
At the weekly meeting the other day, Smirk asked me to look into some alternative anti-spam measures, since more and more spam is making it past the spam firewall. I mentioned the success of greylisting and he told me to look into it.
I've currently downloaded several packages for both Sendmail (what we use at The Office) and Postfix (what I personally use) and there's better support for greylisting now than there was three years ago, but I'm rather puzzled that all the implementations so far use some form of database backend to keep track of all the requests (tumgreyspf uses the filesystem, but as Mark likes to point out, that's a form of database) when one could just as easily keep track of the requests in memory.
It's not like we're stuck with 256M of RAM these days. Even on my Mac mini, the resident set size of Firefox is 16M and I figure you could store about 65,000 requests (which would be swept clean every hour anyway) in 16M.
So my plan is to write some greylist software that keeps everything in memory, so it should be fast, with no worries about resource exhaustion. The protocol used in Postfix is easy, and I can cannibalize code from two previous daemons I wrote to get up and running rather quickly.