On Wed, Aug 13, 2025 at 12:15:52PM -0500, Al Iverson wrote:
> > Enjoy or ignore :)
> 
> Greytrapping is a term I wasn't familiar with previously.
> 
> Is it correct to say that greytrapping is basically enforced
> greylisting, disallowing the success of any retry for a defined
> interval? In your case, a 24 hour long blocking of the IP after
> initial connect?

The best condensate is along the lines of, when a greylisted host
tries to deliver mail to a known-bad address, that host is trapped
initially for 24 hours. During that period, any further traffic from
that host is "stuttered at", with our side answering one byte per second
by default (but tuneable to 1 byte every 10 seconds).

This means that each delivery attempt from a trapped host typically takes
between 300 and 700 seconds, with a few *extreme* outliers.

> Are you still generally happy with it, feeling that it stops some
> significant amount of spam successfully? Beyond the limitation of this
> being doable on IPv4 only currently.

The combination works quite well. I think the main advantage of the
trapping is that you can communicate the trapped hosts data to others,
either by syncing with other spamds or by exporting the lists for others
to import to their systems (I dump mine ten past every hour).

Then of course there is the potential for chuckles by seeing some hosts
hang on for weeks on end, trying and failing at successive delivery
attempt to some subset of the population of imaginary friends.

Header checks and content filtering still has a place, but the boxes
that perform those tasks run cooler and quieter with a greylisting +
greytrapping layer on the Internet-facing path.

All the best,
Peter

-- 
Peter N. M. Hansteen, member of the first RFC 1149 implementation team
https://bsdly.blogspot.com/ https://www.bsdly.net/ https://www.nuug.no/
"Remember to set the evil bit on all malicious network traffic"
delilah spamd[29949]: 85.152.224.147: disconnected after 42673 seconds.
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Reply via email to