Greylisting - a much needed feature |
Post Reply 
|
| Author | |
j3webservices 
Newbie 
Joined: 03 February 2006 Status: Offline Points: 3 |
 Post Options
 Thanks(0)
 Quote Reply
 Topic: Greylisting - a much needed featurePosted: 12 September 2006 at 5:06pm |
|
Are there any plans to implement greylisting? Here is a whitepaper on the subject: http://projects.puremagic.com/greylisting/whitepaper.html The basic premise is this: Every message attempt initially gets rejected with a 451 temporary error, and three pieces of info are cached: the IP, to addy, and from addy. If the same combination (IP,to,from) is seen again between min_time and max_time, the message is passed to other checks, and the triplet is cached for a period of time. Additional messags from the same triplet (IP,to,from) bypass the greylist. Min_time is usually around 5 minutes to prevent instant retries, and max_time is usually around 24 hours. Triplet cache time is on the order of days, something like 30-40 days. ASSP, a free spam proxy perl script, implements this, and it worked really well. The problem(***edit - program***) was buggy for other reasons or I would be using it. But the Greylist was a great feature. The reason it works is that most mail servers are configured to retry a couple of times after 10-60 minutes (sometimes even up to 24 hours) on a temporary error, whereas automatic spam programs usually give up on any error the first time, or will retry again very quickly. I would really like to see this implemented. Thoughts? Edited by j3webservices |
|
 |
|
|
WebGuyz
Senior Member 
Joined: 09 May 2005 Location: United States Status: Offline Points: 348 |
Post Options
Thanks(0)
Quote Reply
Posted: 13 September 2006 at 1:12am |
|
The blacklist cache ins SF works just as well as greylisting IMHO. After x amount of spams detected from a single IP address that address will no longer be allowed to connect for x amount of minutes (where x is settable). Easier to keep track of when you get a lot of traffic.
|
|
|
http://www.webguyz.net
|
|
|
|
|
j3webservices
Newbie
Joined: 03 February 2006 Status: Offline Points: 3 |
Post Options
Thanks(0)
Quote Reply
Posted: 13 September 2006 at 11:23am |
|
I'm sorry, but I disagree. Greylisting and the blacklist cache are two entirely different methodologies. Number one, the blacklist cache is a reactive filter - it waits for a certain amount of spam from an IP before doing anything. Number two, the ban is too broad, being based on IP only. I have had many problems with this feature where a legitimate emailer is trying to send mail through their ISP's mail server when the ISP also has a spamming customer in their midst. Granted, the ISP should be taking care of this, but all my clients care about is that they are not getting messages from legitimate contacts. A greylist solves both of these problems. Rather than relying on checking with friends ("Hey, is this server a spammer?") or the message content or country of origin, it challenges every message that comes through with "Prove to me you are legitimate." It's the fundamental difference of innocent until proven guilty vs. guilty until proven innocent. Given that 90%+ of my incoming mail is spam, I prefer the latter. Asking all the messages to wait for a few minutes and try again later is a very good way to "authenticate" legitimate messages. Most legitimate mail servers will retry on temporary failures after a short period of time. Most spamming programs only try once. Edited by j3webservices |
|
|
|
|
Desperado
Senior Member
Joined: 27 January 2005 Location: United States Status: Offline Points: 1143 |
Post Options
Thanks(0)
Quote Reply
Posted: 13 September 2006 at 7:06pm |
|
My 2 cents:
Graylisting has caused us, as an ISP, no end of problems. It has created extra traffic and tremendous tech support issues where we are asked by our users why they were graylisted and how can we fix it. This, even after we send a mailing to our users explaining graylisting and how it is not in our control and they are griping at the wrong guys. At the high volume, ISP level, graylisting should be banned!
|
|
|
The Desperado
Dan Seligmann. Work: http://www.mags.net Personal: http://www.desperado.com |
|
|
|
|
Roman
Newbie
Joined: 04 November 2005 Location: Russian Federation Status: Offline Points: 32 |
Post Options
Thanks(0)
Quote Reply
Posted: 20 September 2006 at 5:54pm |
|
Totally agree with Dan.
Graylisting will cause significant delays in most cases and delivery errors in some cases. |
|
|
|
|
LogSat
Admin Group 
Joined: 25 January 2005 Location: United States Status: Offline Points: 4104 |
Post Options
Thanks(0)
Quote Reply
Posted: 22 September 2006 at 8:11pm |
|
Greylisting is something we've been thinking about for a while. Howeverwe have found that other solutions we created, like the blacklist IP cache and the new SFDB filter have performed wonders, so dedicated most of our time developing new proprietary filters instead.
For some admins greylisting could be a nightmare, for some others it could be useful, this depends on the customer base. We're not discarding the idea of implementing it, however currently our efforts are dedicated to improving our existing filters and releasing the new SpamFilter Enterprise, which will allow more flexibility in the filtering rules per users and per domains. |
|
|
|
Topic Options|
Post Reply
|
|
Tweet
|
| Forum Jump | Forum Permissions You cannot post new topics in this forum You cannot reply to topics in this forum You cannot delete your posts in this forum You cannot edit your posts in this forum You cannot create polls in this forum You cannot vote in polls in this forum |
This page was generated in 0.281 seconds.