Spam Filter ISP Support Forum

  New Posts New Posts RSS Feed - disable greylisting for whitelisted IP's
  FAQ FAQ  Forum Search   Register Register  Login Login

disable greylisting for whitelisted IP's

 Post Reply Post Reply
Author
kp4711 View Drop Down
Newbie
Newbie


Joined: 04 December 2006
Location: Germany
Status: Offline
Points: 33
Post Options Post Options   Thanks (0) Thanks(0)   Quote kp4711 Quote  Post ReplyReply Direct Link To This Post Topic: disable greylisting for whitelisted IP's
    Posted: 13 August 2008 at 10:05am
How it is possible to disable grylisting for IP-Numbers on the whitelist?
If it ist not possible then I think it will be a new feature request.
greetings
kp
 
Back to Top
LogSat View Drop Down
Admin Group
Admin Group
Avatar

Joined: 25 January 2005
Location: United States
Status: Offline
Points: 4104
Post Options Post Options   Thanks (0) Thanks(0)   Quote LogSat Quote  Post ReplyReply Direct Link To This Post Posted: 17 August 2008 at 10:48pm
WHile a very good idea, this request can't be implemented for technical reasons. The greylist is implemented at the TCP level right after a connection is made, before any MAIL FROM / RCPT TO commands are sent to SpamFilter. In SpamFilter Enterprise the IP whitelists are however dependent on the domain specified in the RCPT TO command, because in SpamFilter Enterprise all whitelists/blacklists are customizable for each domain. Due to this, since the greylist is checked before the RCPT TO command is used to determine which IP whitelist to use, the greylist filter has no idea of what the IP whitelist entries are going to be.

SpamFilter ISP "standard" uses the same code-base and same features of SpamFilter Enterprise. So even though in SpamFilter ISP there is only one whitelist, and the greylist filter would then be able to theoretically know what that is, due to the sharing of features between the two versions, we're hesitant to make the two versions behave differently. We'll monitor this thread to see what feedback we receive on this.
Roberto Franceschetti

LogSat Software

Spam Filter ISP
Back to Top
Wayne View Drop Down
Groupie
Groupie
Avatar

Joined: 29 August 2006
Location: Switzerland
Status: Offline
Points: 60
Post Options Post Options   Thanks (0) Thanks(0)   Quote Wayne Quote  Post ReplyReply Direct Link To This Post Posted: 16 September 2008 at 3:24am
Hi Roberto

I understand this problem between the 2 versions, but we use Spamfilter standard and it would be very helpful if this can resolved in the standard version.
We can make a survey, who would also like to have this in his standard version. Embarrassed
Sorry, i am not professional as you, but as idea, I don't know if this is stupid, but would it not possible for solve the the problem with the Enterprise version to create a "global whitelist" in which all whitelists from all domains brought together? Because then it would be possible to do without  coding two versions for this feature. Isn't it? Geek

Regards
Wayne


Edited by Wayne - 16 September 2008 at 3:32am
SF4.5.0.1-beta
Back to Top
WebGuyz View Drop Down
Senior Member
Senior Member


Joined: 09 May 2005
Location: United States
Status: Offline
Points: 348
Post Options Post Options   Thanks (0) Thanks(0)   Quote WebGuyz Quote  Post ReplyReply Direct Link To This Post Posted: 16 September 2008 at 11:28pm
How about if SF checks for the presence of a text file, lets say greylistok.txt, and if it detects the existence of the file  looks for a list of IP's in that text file. It adds them to the greylist ip list, deletes the file greylistok.txt file, and restarts itself. Likewise in SFE it can check a SQL table and if data exists use it to manually add to the greylist ip list.
 
 
http://www.webguyz.net
Back to Top
Dan B View Drop Down
Senior Member
Senior Member
Avatar

Joined: 09 February 2005
Location: United States
Status: Offline
Points: 105
Post Options Post Options   Thanks (0) Thanks(0)   Quote Dan B Quote  Post ReplyReply Direct Link To This Post Posted: 30 September 2008 at 9:27pm
I like the WebGuyz method.  Better yet.  Instead of creating a new table.  Why couldn't SF lookup at the wldomainsips table at the time of tcp connection?
 
Dan B
Dan B
Back to Top
WebGuyz View Drop Down
Senior Member
Senior Member


Joined: 09 May 2005
Location: United States
Status: Offline
Points: 348
Post Options Post Options   Thanks (0) Thanks(0)   Quote WebGuyz Quote  Post ReplyReply Direct Link To This Post Posted: 06 October 2008 at 2:26pm
Another good reason to be able to automatically add to the greylist is when you have more then one SFE.
 
Customer complained today about not receiving an email an hour after it was sent. Checked the logs and it had been sent to SFE1 which rejected it and 30 minutes later it was resent, but SFE2 picked it up and rejected it again for greylisting. of course the next resend will get it, but if the sending server has a long retry count having multiple SFE's becomes a liablity with greylisting. What if we grew and had 5 or more, someone might not get their mail for hours as the message made the round of the various SFE's.  Wink
 
If there was a mechanism in SFE to accept manual submissions and it 'soft restarted' SFE automatically then  we could write a script to compare the 2 files one each SFE server and insert the missing ones on the appropriate server so customer would not have to w-a-i-t such a long time.
 
Thanks for listening!
http://www.webguyz.net
Back to Top
LogSat View Drop Down
Admin Group
Admin Group
Avatar

Joined: 25 January 2005
Location: United States
Status: Offline
Points: 4104
Post Options Post Options   Thanks (0) Thanks(0)   Quote LogSat Quote  Post ReplyReply Direct Link To This Post Posted: 06 October 2008 at 10:47pm
WebGuyz,

This issue was brought up last year while the greylisting was being implemented. Please see the post at http://www.logsat.com/SpamFilter/Forums/forum_posts.asp?TID=6137#11080 for the discussion. You also had a suggestion back then on how to proceed, but unfortunately that implementation would not work reliably. The issue has always been high IP traffic, which is being handled in memory. By the time database tables have been flushed and re-imported, new IPs (hundreds for sites with 100-200 concurrent connections) will already have been processed in memory, and a re-import from the DB would then cause issues. While with effort things could be eventually be synchronized, we would have to put in place locking mechanisms at the TCP level to implement the synchronization, and doing so carries a high risk that, should something go wrong, the incoming traffic could stop..
Roberto Franceschetti

LogSat Software

Spam Filter ISP
Back to Top
WebGuyz View Drop Down
Senior Member
Senior Member


Joined: 09 May 2005
Location: United States
Status: Offline
Points: 348
Post Options Post Options   Thanks (0) Thanks(0)   Quote WebGuyz Quote  Post ReplyReply Direct Link To This Post Posted: 06 October 2008 at 11:15pm
At least I have an excuse, I'm old and forget things. LOL
 
I only bring up issues when customers complain. Most of the time this is not an issue, but since we have no control of retry times from the senders server you have to agree it can cause a lot of grief with current greylisting implementation and multiple SFE's.
 
Since its been a year,  have you come up with any better ideas?  Wink
 
Thanks!!
http://www.webguyz.net
Back to Top
 Post Reply Post Reply
  Share Topic   

Forum Jump Forum Permissions View Drop Down



This page was generated in 0.260 seconds.