[Greylist-users] Problems with CommuniGate.

martin dempsey mjd at digitaleveryware.com
Fri Jun 27 12:06:08 PDT 2003


> timeout, one at 4.25 hours, one at 12.5 hours

I'm not certain the exact timeout is critcal for spam. Remember, if a spammer 
really wants to get through a greylist, its not hard - they can pay the 
bandwith and make enough retries to get through. 

So what you are trying to stop is a spammer who remails the same list and 
"accidently" gets through the greylist. If the spammer doesn't know about the 
greylist, he/she/it is likely to use a different return address and fail 
anyway.

So, extending the time helps semi-broken MTAs and mailing lists but I don't 
think there is any evidence of spammers (yet) trying to exploit it. If they 
understand greylists and really want to get through, a 2 hour retry will get 
them through regardless and is no more effort for them than a 10 hour retry. 

I've upped my limit to 8.2 hours. I think anything less than 24 hours is 
likely to stop spammers from accidently getting through.


More information about the Greylist-users mailing list