It appears that Gellner, Oliver via mailop <oliver.gell...@dm.de> said: >> That occasionally happens, but since I whitelist any /24 that has >> successfully retried, it doesn't happen very much. > >I see, this looks like a better approach. Unfortunately many greylisting >implementations only whitelist senders for a few days or even >less. Or they fail to sync connections across different MTAs / regions.
There's an unfortunate tendency for people to imagine that if X is a useful anti-spam measure, doing more X is better, which is usually wrong. Greylisting everything is worse than just greylisting unknown hosts, and a 5 second greet pause delay works as well as 5 minutes. My greylister remembers hosts for 90 days, on the theory that if they haven't sent mail for three months, they probably won't send mail ever. It also has a single daemon shared among all the MTAs to track the retries and whitelist. I recently added a greet pause for hosts subject to greylisting and I have to admit it works pretty well. Most of the hosts that get the pause are early talkers. It appears that nearly all hosts that aren't also retry. If that continues to be true, I'll just ditch the retries since the greet pause is less disruptive. R's, John _______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
