Slightly OT: Greylisting success or failure stories?
Aleksandar Milivojevic
amilivojevic at pbl.ca
Fri Feb 4 15:45:13 UTC 2005
David Hoffman wrote:
> The reason I was asking for information was not to start a C/R flame
> war. It was because some articles on greylisting talk about how
> non-compliant MTAs can break the greylisting system by NOT sending
> back legitimate messages after the delay, or by seeing the delay
> response as an error and reporting it back to the original sender.
Your first issue of MTA not attempting to redeliver, I wouldn't worry
about it much. Such MTA is going to loose tons of other mail too, and
whoever was using it, will soon realiase he/she needs something better.
The second issue is more problematic. It can be (for example) result of
pure misconfiguration. For example, somebody sets queue runs to go
every 5 hours (instead of intended 5 minutes), and with sendmail's
default timeout for sending warnings, the sender will get warning
message when he sends to greylisted address. I wouldn't worry much
about that either, reasons being:
It is very rare.
Even if user gets the warning, it will clearly state it was warning, and
that he/she doesn't need to resend the message (at least that is how
sendmail's warning messages look like).
The mail will be delivered at the end.
Site that has such an (mis)configuration, would soon realise mistake
even if nobody in the world used greylisting. There would be tons of
warning messages for non-greylisted addresses too. I don't have that
many users around here, but outgoing mail queues on my mail servers are
all but empty (for reasons not related with greylisting). If I had such
an buggy MTA, my users would be annoyed with it even for sites that do
not implement greylisting.
Most of email communication tends to be on regular basis. If your
greylist filter whitelists addresses for long enough period of time (one
week, or even one month), only the first mail between particular sender
and receiver will be greylisted (and generate spurious warning message),
and all other communication will go uninterupted forever. For example,
as soon as you receive first mail from this mailing list, all other
mails from this mailing list will not be delayed (unless you manually
delete your greylisting database, or mailing list server changes its IP
address, for example).
--
Aleksandar Milivojevic <amilivojevic at pbl.ca> Pollard Banknote Limited
Systems Administrator 1499 Buffalo Place
Tel: (204) 474-2323 ext 276 Winnipeg, MB R3T 1L7
More information about the fedora-list
mailing list