On Thu, 13 Jan 2005, Gary Funck wrote: > Another question: How does CanIT (or other robust grey listing > implementations) handle messages with no sender (ie, From <>) > address?
I can't speak for other implementations, but CanIt treats <> just like any other address. > How do you distinguish between a call back to validate an > address/mailer, and a spammer getting ready to jam its message > through? We don't make that distinction. I should note that by default, CanIt defers greylisting until after the DATA phase. That's because some badly-written SMTP software cannot handle the situation in which all RCPT commands are tempfailed -- it sometimes causes the message to actually bounce. Because of this deferral, we do waste bandwidth because we wait until the message has been transmitted, but on the other hand, we don't interfere with address-checking callbacks. I'm also thinking about information that you could extract from a greylisted message. For example, if you save the message somewhere and wait for a few hours without seeing a retransmission, then the message is almost certainly spam and you can use the content of the message to train you Bayes database, report to a URL blocklist, etc... -- David. _______________________________________________ Visit http://www.mimedefang.org and http://www.canit.ca MIMEDefang mailing list [email protected] http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
