greylisting and dynamic host IPs, was: Default MTA for Fedora 7
Nils Philippsen
nphilipp at redhat.com
Mon Feb 5 14:54:22 UTC 2007
On Mon, 2007-02-05 at 11:25 +0000, David Woodhouse wrote:
> The point in greylisting is very simple: it's to check that the mail is
> coming from a 'proper' mail server which actually does retry mail when
> you give a temporary rejection. Some people naïvely delay all incoming
> mail (and some outgoing mail too, if they reject at RCPT TO and the
> recipient uses callouts) by greylisting indiscriminately. I prefer mail
> to be fast in the common case, so I like to delay _only_ mail which
> actually looks suspicious in some way, and I prefer _never_ to greylist
> mail from a host (IP address) which was already observed to retry in the
> past.
Note that you should probably only pass at greylisting if an IP is not
from one of the "known" ranges of dynamic IPs.
Nils
--
Nils Philippsen / Red Hat / nphilipp at redhat.com
"Those who would give up Essential Liberty to purchase a little Temporary
Safety, deserve neither Liberty nor Safety." -- B. Franklin, 1759
PGP fingerprint: C4A8 9474 5C4C ADE3 2B8F 656D 47D8 9B65 6951 3011
More information about the fedora-devel-list
mailing list