Slightly OT: Greylisting success or failure stories?

Aleksandar Milivojevic amilivojevic at pbl.ca
Fri Feb 4 15:45:13 UTC 2005


David Hoffman wrote:
> The reason I was asking for information was not to start a C/R flame
> war. It was because some articles on greylisting talk about how
> non-compliant MTAs can break the greylisting system by NOT sending
> back legitimate messages after the delay, or by seeing the delay
> response as an error and reporting it back to the original sender.

Your first issue of MTA not attempting to redeliver, I wouldn't worry 
about it much.  Such an MTA is going to lose tons of other mail too, and 
whoever was using it will soon realise he/she needs something better.

The second issue is more problematic.  It can be (for example) result of 
pure misconfiguration.  For example, somebody sets queue runs to go 
every 5 hours (instead of intended 5 minutes), and with sendmail's 
default timeout for sending warnings, the sender will get warning 
message when he sends to greylisted address.  I wouldn't worry much 
about that either, reasons being:

It is very rare.

Even if user gets the warning, it will clearly state it was warning, and 
that he/she doesn't need to resend the message (at least that is how 
sendmail's warning messages look like).

The mail will be delivered at the end.

A site that has such a (mis)configuration would soon realise the mistake 
even if nobody in the world used greylisting.  There would be tons of 
warning messages for non-greylisted addresses too.  I don't have that 
many users around here, but outgoing mail queues on my mail servers are 
all but empty (for reasons not related with greylisting).  If I had such 
a buggy MTA, my users would be annoyed with it even for sites that do 
not implement greylisting.

Most of email communication tends to be on regular basis.  If your 
greylist filter whitelists addresses for long enough period of time (one 
week, or even one month), only the first mail between particular sender 
and receiver will be greylisted (and generate spurious warning message), 
and all other communication will go uninterrupted forever.  For example, 
as soon as you receive first mail from this mailing list, all other 
mails from this mailing list will not be delayed (unless you manually 
delete your greylisting database, or mailing list server changes its IP 
address, for example).

-- 
Aleksandar Milivojevic <amilivojevic at pbl.ca>    Pollard Banknote Limited
Systems Administrator                           1499 Buffalo Place
Tel: (204) 474-2323 ext 276                     Winnipeg, MB  R3T 1L7
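
The behaviour discussed in the message above, as an added example that is not part of the original post: a small simulation of a greylisting filter and of sending MTAs with different retry habits. It assumes the filter keys on the (client IP, sender, recipient) triplet, a 5-minute minimum delay and a one-month whitelist lifetime; the class, function names and addresses are hypothetical.

```python
MIN_DELAY = 5 * 60           # assumed: seconds a new triplet must wait before acceptance
WHITELIST_TTL = 30 * 86400   # assumed: one-month whitelist lifetime


class Greylist:
    def __init__(self):
        self.first_seen = {}     # triplet -> time of first deferred attempt
        self.passed_until = {}   # triplet -> whitelist expiry time

    def check(self, ip, sender, rcpt, now):
        """Return the SMTP reply code for a delivery attempt at time `now` (seconds)."""
        key = (ip, sender.lower(), rcpt.lower())
        if self.passed_until.get(key, 0) > now:
            self.passed_until[key] = now + WHITELIST_TTL   # regular traffic keeps it alive
            return 250
        first = self.first_seen.setdefault(key, now)
        if now - first >= MIN_DELAY:
            self.first_seen.pop(key, None)                 # expiry later means a fresh greylist
            self.passed_until[key] = now + WHITELIST_TTL
            return 250
        return 451   # temporary failure: a compliant MTA queues the mail and retries


def deliver(gl, ip, sender, rcpt, start, retry_every, max_attempts=50):
    """Simulate a sending MTA. Returns seconds until accepted, or None if it gave up."""
    for n in range(max_attempts):
        t = start + n * retry_every
        if gl.check(ip, sender, rcpt, t) == 250:
            return t - start
    return None


if __name__ == "__main__":
    gl, day = Greylist(), 86400
    me = "user@example.net"                                # constructed addresses throughout
    runs = [
        ("first mail, 15 min queue runs", ("192.0.2.10", "list@example.org", me, 0, 900)),
        ("same triplet a week later", ("192.0.2.10", "list@example.org", me, 7 * day, 900)),
        ("list server changed IP", ("192.0.2.99", "list@example.org", me, 8 * day, 900)),
        ("queue runs every 5 hours", ("198.51.100.5", "a@example.com", me, 0, 5 * 3600)),
    ]
    for label, args in runs:
        print(f"{label}: delayed {deliver(gl, *args)} s")
    lost = deliver(gl, "203.0.113.7", "b@example.com", me, 0, 900, max_attempts=1)
    print("MTA that never retries:", "lost" if lost is None else lost)
```
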



