[Greylist-users] Greylisting with automatic IP address
basedwhitelist
Scott Nelson
scott at spamwolf.com
Thu Jun 17 10:37:50 PDT 2004
At 11:12 PM 6/17/04 +0900, Akihiro KAYAMA wrote:
>
>My question is the reason why Greylisting does not use automatic IP
>address based whitelist.
>
Doing so increases the amount of spam received, but decreases the delay.
There's some fear that it's too easy to by-pass this accidentally.
If by random luck, a spammer duplicates a message then over time you
whitelist all IPs. It works for small sites that don't get much email,
but for sites that get hundreds of thousands of emails a day it doesn't.
(Spammers could intentionally exploit it too, but if they're paying
that much attention, they could defeat "normal" greylisting just as easily.)
I recall some discussion about auto-whitelisting IPs if they
successfully retry N times without ever failing, but I can't find the
thread anymore.
Better IMO, is to whitelist the IP if it's listening on port 25.
Not only does that reduce delay on every message including the
first one, it also passes the tiny percentage of broken servers
that don't retry correctly.
Still need to whitelist big senders like AOL and Yahoo,
but there aren't very many senders so big they split the sending
and receiving functions of SMTP.
Scott Nelson <scott at spamwolf.com>
More information about the Greylist-users
mailing list