disable greylisting for whitelisted IP's
Printed From: LogSat Software
Category: Spam Filter ISP
Forum Name: Spam Filter ISP Support
Forum Description: General support for Spam Filter ISP
URL: https://www.logsat.com/spamfilter/forums/forum_posts.asp?TID=6537
Printed Date: 15 March 2025 at 7:58am
Topic: disable greylisting for whitelisted IP's
Posted By: kp4711
Subject: disable greylisting for whitelisted IP's
Date Posted: 13 August 2008 at 10:05am
|
How it is possible to disable grylisting for IP-Numbers on the whitelist?
If it ist not possible then I think it will be a new feature request.
greetings
kp
|
Replies:
Posted By: LogSat
Date Posted: 17 August 2008 at 10:48pm
|
WHile a very good idea, this request can't be implemented for technical reasons. The greylist is implemented at the TCP level right after a connection is made, before any MAIL FROM / RCPT TO commands are sent to SpamFilter. In SpamFilter Enterprise the IP whitelists are however dependent on the domain specified in the RCPT TO command, because in SpamFilter Enterprise all whitelists/blacklists are customizable for each domain. Due to this, since the greylist is checked before the RCPT TO command is used to determine which IP whitelist to use, the greylist filter has no idea of what the IP whitelist entries are going to be.
SpamFilter ISP "standard" uses the same code-base and same features of SpamFilter Enterprise. So even though in SpamFilter ISP there is only one whitelist, and the greylist filter would then be able to theoretically know what that is, due to the sharing of features between the two versions, we're hesitant to make the two versions behave differently. We'll monitor this thread to see what feedback we receive on this. ------------- Roberto Franceschetti http://www.logsat.com" rel="nofollow - LogSat Software http://www.logsat.com/sfi-spam-filter.asp" rel="nofollow - Spam Filter ISP |
Posted By: Wayne
Date Posted: 16 September 2008 at 3:24am
|
Hi Roberto I understand this problem between the 2 versions, but we use Spamfilter standard and it would be very helpful if this can resolved in the standard version. We can make a survey, who would also like to have this in his standard version.  Sorry, i am not professional as you, but as idea, I don't know if this is stupid, but would it not possible for solve the the problem with the Enterprise version to create a "global whitelist" in which all whitelists from all domains brought together? Because then it would be possible to do without coding two versions for this feature. Isn't it?  Regards Wayne ------------- SF4.5.0.1-beta |
Posted By: WebGuyz
Date Posted: 16 September 2008 at 11:28pm
|
How about if SF checks for the presence of a text file, lets say greylistok.txt, and if it detects the existence of the file looks for a list of IP's in that text file. It adds them to the greylist ip list, deletes the file greylistok.txt file, and restarts itself. Likewise in SFE it can check a SQL table and if data exists use it to manually add to the greylist ip list.
------------- http://www.webguyz.net |
Posted By: Dan B
Date Posted: 30 September 2008 at 9:27pm
|
I like the WebGuyz method. Better yet. Instead of creating a new table. Why couldn't SF lookup at the wldomainsips table at the time of tcp connection?
Dan B ------------- Dan B |
Posted By: WebGuyz
Date Posted: 06 October 2008 at 2:26pm
|
Another good reason to be able to automatically add to the greylist is when you have more then one SFE.
Customer complained today about not receiving an email an hour after it was sent. Checked the logs and it had been sent to SFE1 which rejected it and 30 minutes later it was resent, but SFE2 picked it up and rejected it again for greylisting. of course the next resend will get it, but if the sending server has a long retry count having multiple SFE's becomes a liablity with greylisting. What if we grew and had 5 or more, someone might not get their mail for hours as the message made the round of the various SFE's.
 If there was a mechanism in SFE to accept manual submissions and it 'soft restarted' SFE automatically then we could write a script to compare the 2 files one each SFE server and insert the missing ones on the appropriate server so customer would not have to w-a-i-t such a long time.
Thanks for listening! ------------- http://www.webguyz.net |
Posted By: LogSat
Date Posted: 06 October 2008 at 10:47pm
|
WebGuyz,
This issue was brought up last year while the greylisting was being implemented. Please see the post at %20 - http://www.logsat.com/SpamFilter/Forums/forum_posts.asp?TID=6137#11080 for the discussion. You also had a suggestion back then on how to proceed, but unfortunately that implementation would not work reliably. The issue has always been high IP traffic, which is being handled in memory. By the time database tables have been flushed and re-imported, new IPs (hundreds for sites with 100-200 concurrent connections) will already have been processed in memory, and a re-import from the DB would then cause issues. While with effort things could be eventually be synchronized, we would have to put in place locking mechanisms at the TCP level to implement the synchronization, and doing so carries a high risk that, should something go wrong, the incoming traffic could stop.. ------------- Roberto Franceschetti http://www.logsat.com" rel="nofollow - LogSat Software http://www.logsat.com/sfi-spam-filter.asp" rel="nofollow - Spam Filter ISP |
Posted By: WebGuyz
Date Posted: 06 October 2008 at 11:15pm
At least I have an excuse, I'm old and forget things. 
I only bring up issues when customers complain. Most of the time this is not an issue, but since we have no control of retry times from the senders server you have to agree it can cause a lot of grief with current greylisting implementation and multiple SFE's.
Since its been a year, have you come up with any better ideas?
Thanks!! ------------- http://www.webguyz.net |