[Greylist-users] Problems with CommuniGate.
mjd at digitaleveryware.com
Fri Jun 27 12:06:08 PDT 2003
> timeout, one at 4.25 hours, one at 12.5 hours
I'm not certain the exact timeout is critcal for spam. Remember, if a spammer
really wants to get through a greylist, its not hard - they can pay the
bandwith and make enough retries to get through.
So what you are trying to stop is a spammer who remails the same list and
"accidently" gets through the greylist. If the spammer doesn't know about the
greylist, he/she/it is likely to use a different return address and fail
So, extending the time helps semi-broken MTAs and mailing lists but I don't
think there is any evidence of spammers (yet) trying to exploit it. If they
understand greylists and really want to get through, a 2 hour retry will get
them through regardless and is no more effort for them than a 10 hour retry.
I've upped my limit to 8.2 hours. I think anything less than 24 hours is
likely to stop spammers from accidently getting through.
More information about the Greylist-users