Policyd-weight
Encyclopedia
policyd-weight is a mail filter for the Postfix
mail transfer agent
(MTA) written in Perl
, by Robert Felber. It allows postfix to evaluate mail envelope information and to score mail against several DNS-based Blackhole Lists (DNSBL
) before the mail is queued. The final score will determine whether a mail is rejected or accepted, in which case it is usually then subject to more resource intensive checks by a virus scanner and spam filter.
. It uses DNSBL
, RHSBL, MX
and A DNS
queries of the envelope sender and HELO SMTP
arguments to evaluate the possibility of either forgery
or spam. Rejection happens based on an overall score, so a single blacklist entry may not cause the mail to be rejected. The score is determined by various checks and is not linear. The administrator is able to adjust scores for each check to meet her requirements. policyd-weight caches the most frequent queries to minimize bandwidth and CPU usage.
The benefit of this approach is that it is able to reject a delivery attempt before the body (DATA) of the mail has been received (unlike most installations of SpamAssassin
or amavisd), thus saving network bandwidth. Also it does not add delays like Greylisting
and keeps out clients which fake HELO or sender information with a better accuracy and fewer false positives
than Sender Policy Framework
(SPF) checks (example: blocked forwarders due to inconsistent SPF-records or passed Spam/Phishing due to Spam/Phishing-Domains with consistent SPF-records set).
, licensed and released under the GNU General Public License
by Selling-IT Robert Felber.
Postfix (software)
In computing, Postfix is a free and open-source mail transfer agent that routes and delivers electronic mail. It is intended as a fast, easier-to-administer, and secure alternative to the widely-used Sendmail MTA....
mail transfer agent
Mail transfer agent
Within Internet message handling services , a message transfer agent or mail transfer agent or mail relay is software that transfers electronic mail messages from one computer to another using a client–server application architecture...
(MTA) written in Perl
Perl
Perl is a high-level, general-purpose, interpreted, dynamic programming language. Perl was originally developed by Larry Wall in 1987 as a general-purpose Unix scripting language to make report processing easier. Since then, it has undergone many changes and revisions and become widely popular...
, by Robert Felber. It allows postfix to evaluate mail envelope information and to score mail against several DNS-based Blackhole Lists (DNSBL
DNSBL
A DNSBL is a list of IP addresses published through the Internet Domain Name Service either as a zone file that can be used by DNS server software, or as a live DNS zone that can be queried in real-time...
) before the mail is queued. The final score will determine whether a mail is rejected or accepted, in which case it is usually then subject to more resource intensive checks by a virus scanner and spam filter.
Features
policyd-weight works as a policy daemon in PostfixPostfix (software)
In computing, Postfix is a free and open-source mail transfer agent that routes and delivers electronic mail. It is intended as a fast, easier-to-administer, and secure alternative to the widely-used Sendmail MTA....
. It uses DNSBL
DNSBL
A DNSBL is a list of IP addresses published through the Internet Domain Name Service either as a zone file that can be used by DNS server software, or as a live DNS zone that can be queried in real-time...
, RHSBL, MX
MX record
A mail exchanger record is a type of resource record in the Domain Name System that specifies a mail server responsible for accepting email messages on behalf of a recipient's domain, and a preference value used to prioritize mail delivery if multiple mail servers are available...
and A DNS
Domain name system
The Domain Name System is a hierarchical distributed naming system for computers, services, or any resource connected to the Internet or a private network. It associates various information with domain names assigned to each of the participating entities...
queries of the envelope sender and HELO SMTP
Simple Mail Transfer Protocol
Simple Mail Transfer Protocol is an Internet standard for electronic mail transmission across Internet Protocol networks. SMTP was first defined by RFC 821 , and last updated by RFC 5321 which includes the extended SMTP additions, and is the protocol in widespread use today...
arguments to evaluate the possibility of either forgery
Message forgery
In cryptography, message forgery is the sending of a message to deceive the recipient as to whom the real sender is. A common example is sending a spam e-mail as if it were originated from an address other than the one which was really used.-See also:...
or spam. Rejection happens based on an overall score, so a single blacklist entry may not cause the mail to be rejected. The score is determined by various checks and is not linear. The administrator is able to adjust scores for each check to meet her requirements. policyd-weight caches the most frequent queries to minimize bandwidth and CPU usage.
The benefit of this approach is that it is able to reject a delivery attempt before the body (DATA) of the mail has been received (unlike most installations of SpamAssassin
SpamAssassin
SpamAssassin is a computer program released under the Apache License 2.0 used for e-mail spam filtering based on content-matching rules. It is now part of the Apache Foundation....
or amavisd), thus saving network bandwidth. Also it does not add delays like Greylisting
Greylisting
Greylisting is a method of defending e-mail users against spam. A mail transfer agent using greylisting will "temporarily reject" any email from a sender it does not recognize. If the mail is legitimate the originating server will, after a delay, try again and, if sufficient time has elapsed, the...
and keeps out clients which fake HELO or sender information with a better accuracy and fewer false positives
Type I and type II errors
In statistical test theory the notion of statistical error is an integral part of hypothesis testing. The test requires an unambiguous statement of a null hypothesis, which usually corresponds to a default "state of nature", for example "this person is healthy", "this accused is not guilty" or...
than Sender Policy Framework
Sender Policy Framework
Sender Policy Framework is an email validation system designed to prevent email spam by detecting email spoofing, a common vulnerability, by verifying sender IP addresses. SPF allows administrators to specify which hosts are allowed to send mail from a given domain by creating a specific SPF...
(SPF) checks (example: blocked forwarders due to inconsistent SPF-records or passed Spam/Phishing due to Spam/Phishing-Domains with consistent SPF-records set).
Licensing
policyd-weight is Free softwareFree software
Free software, software libre or libre software is software that can be used, studied, and modified without restriction, and which can be copied and redistributed in modified or unmodified form either without restriction, or with restrictions that only ensure that further recipients can also do...
, licensed and released under the GNU General Public License
GNU General Public License
The GNU General Public License is the most widely used free software license, originally written by Richard Stallman for the GNU Project....
by Selling-IT Robert Felber.