public blacklists
Scot L. Harris
webid at cfl.rr.com
Thu Dec 9 13:23:49 UTC 2004
On Thu, 2004-12-09 at 06:10, Ow Mun Heng wrote:
>
> I was just asking that question. Thanks for clearing that up. So,
> effectively, it's just another form of greylisting then.
>
>
Actually no. Greylisting is much different from SURBL or RBLs.
Greylisting uses the SMTP RFC standards in a some what unique way. When
an SMTP server connects to your server to deliver a message your server
checks a database for a tuple that matches (IP address, sender,
recipient). It has not been seen before and it is not in the whitelist
a temporary failure code is returned to the sending SMTP server. Normal
SMTP servers when they receive a temporary failure code will queue the
message and retry it later. Zombie spam servers won't retry the message
later. As a result your system does not accept the contents of the
message and does not have to do any further processing to reject the
spam messages. I have seen this block better than 95% of spam being
sent to a system.
So greylisting does not rely on any outside block lists of any type. I
expect that it is much more efficient and more accurate than any block
list as well.
> > One suggestion, set things up to run spamassassin only on non mailing
> > list messages. That will improve the speed of email processing on your
> > system. I have seen very little spam in the mailing lists so this seems
> > to be a reasonable process.
>
> That depends actually, Most mailing lists runs some sort of spam checks.
> But some don't. eg: ACPI-Devel. Now, that one does not, it even has
> viruses coming in.
>
That is bad! The list owners need to do a little work then. :)
--
Scot L. Harris
webid at cfl.rr.com
Q: What's the difference between Bell Labs and the Boy Scouts of America?
A: The Boy Scouts have adult supervision.
More information about the fedora-list
mailing list