greylisting + LDAP

William Burns William.Burns at AEROFLEX.COM
Thu Mar 11 01:06:38 GMT 2004


Kourosh wrote:

>
>>It's a really useful link. I'm going to think about setting it up.
>>But... I've got 3 mail servers for my domain, w/ balanced MX records so
>>unless there's a shared database between the machines, it'll end up
>>giving out up to 3 tempfails for a single triplet. (and a shared
>>database might be a single-point-of-failure in an environment where
>>redundancy is key)
>>
>>
>
>Set up a read-only LDAP server on each machine with each LDAP server
>getting updates from a central read/write LDAP server.
>--
>Kourosh <mailscanner at mindwaresystems.com>
>
>
>
Getting off topic here, but how does/would the perl-milter code react
when it can't reach the central read/write server during "database" writes?

And... a spammer might not retry sending an e-mail if you've only got
one mail server but...
A spammer and/or a legit. MTA might respond to a tempfail on one server
by immediately checking w/ another mail server. (listed in MX records
for that domain)
If that happens, should the 2nd greylisting mail server consult the
database and accept the mail? If so, does the LDAP directory synchronize
quickly enough? If not, is there a datestamp that gets stored along w/
the IP/From/To "triple" so that the perl-milter code can respond w/
additional tempfails for a certain period of time?

-Bill
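
An added example (not part of the original message, and not the perl-milter code discussed in the thread): a Python model of a greylist that stores a first-seen timestamp with each IP/From/To triplet, replayed against one shared store and against one store per MX. The class name, delay values, addresses and delivery times are assumptions constructed for illustration.

```python
MIN_DELAY = 300         # assumed: seconds a new triplet must wait before acceptance
RECORD_TTL = 4 * 3600   # assumed: a triplet that never retries is forgotten after this


class GreylistStore:
    """Stands in for the greylist database (hypothetical, in-memory)."""

    def __init__(self):
        self.first_seen = {}  # (ip, from, to) -> time of first delivery attempt

    def check(self, ip, sender, rcpt, now):
        key = (ip, sender.lower(), rcpt.lower())
        seen = self.first_seen.get(key)
        if seen is None or now - seen > RECORD_TTL:
            # Unknown (or expired) triplet: record the timestamp and tempfail.
            self.first_seen[key] = now
            return "TEMPFAIL"
        if now - seen < MIN_DELAY:
            # Known triplet, but the retry came too soon (e.g. immediate
            # failover to the next MX): keep tempfailing.
            return "TEMPFAIL"
        return "ACCEPT"


# Constructed triplet and delivery attempts as (mx_index, seconds since first try):
# first try on MX 0, immediate failover to MX 1, queue retry 10 minutes later on MX 2.
TRIPLET = ("192.0.2.10", "sender@example.org", "user@example.com")
ATTEMPTS = [(0, 0), (1, 2), (2, 600)]


def replay(attempts, stores):
    """Run each attempt against the store belonging to the MX that received it."""
    return [stores[mx].check(*TRIPLET, now=t) for mx, t in attempts]


def shared_results():
    store = GreylistStore()          # all three MX hosts see the same records
    return replay(ATTEMPTS, [store, store, store])


def isolated_results():
    # each MX keeps its own records and never learns about the others' tempfails
    return replay(ATTEMPTS, [GreylistStore() for _ in range(3)])


if __name__ == "__main__":
    print("shared store:  ", shared_results())
    print("one store/MX:  ", isolated_results())
```

With the shared store the immediate failover is still tempfailed because of the stored timestamp, and the later retry is accepted on any MX; with one store per MX the same triplet collects three tempfails.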


