[Greylist-users] Central whitelist database

Eirik Oeverby ltning at anduin.net
Thu Jun 26 19:47:21 PDT 2003 

On Thu, 26 Jun 2003 09:29:44 -0700
Scott Nelson <scott at spamwolf.com> wrote:
> How many IPs does it list - what percentage of the existing 
> mail servers is that?
> This is relevant because making a trust decision for a list
> can be a lot of work.  If the benefit of that work is that
> 1% of email isn't delayed the first time it appears, 
> then I'm not gaining much for that work.

I see your point. And I agree. But everything has to start small, right?
And there is a difference between the 'most common' mailhosts and the
'less common' ones. This will (over time) catch all the common ones,
many of the less common ones and a few of the uncommon ones. Even though
there are 4 million mail servers in the world, 95% of your mail is
probably from the top 5% of those. Or something in that ballpark anyway.

> Now that I think about it, it's probably not an issue for a whitelist.
> DoS a whitelist, and IPs that might have been trusted, aren't.
> I don't see how a spammer could gain from that.

Good point.
 
> >> The major advantage I see with whitelisting vs. blacklisting
> >> is that time to list, and time to report is far less critical.
> >> For greylisting, updates and comprehensiveness are even less
> >> important. If there was a "seed" list which I downloaded with the
> >> software, I probably wouldn't need (or want to bother with) any
> >> updates, ever.
> >
> >Good idea. Or atleast an initial download of the list upon
> >installation or something.
> >
> 
> The more I think about whitelisting IPs, the less I like it.
> The owners of IPs change with time.  Viruses can turn a trusted
> machine into an untrusted one in a eye blink.

I don't like the idea of whitelisting IPs either. It's the domain names
we should be after. Is that feasible? Should we whitelist hosts or
domain names containing many hosts? What could we 'miss' by going for
the hostnames themselves? Going by domain names only would probably not
be a good idea.. But if we go for hostnames only, I'm afraid those poor
people on dialups or dsl/cable with changing IPs won't stand much of a
chance of ever getting through here..


/Eirik
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.puremagic.com/pipermail/greylist-users/attachments/20030626/a50376d8/attachment.bin

More information about the Greylist-users mailing list