[Greylist-users] Greylisting with automatic IP address
auj at aber.ac.uk
Mon Jun 21 01:03:45 PDT 2004
Scott Nelson (scott at spamwolf.com) said, in message
<aT5vaIe86J8qbrwan02 at x>:
> >My question is the reason why Greylisting does not use automatic IP
> >address based whitelist.
> Better IMO, is to whitelist the IP if it's listening on port 25.
Doesn't that mean that you immediately accept mail from open relays? I
know you'd accept it eventually, but isn't the delay also supposed to
give DNSBLs time to act and give you a second line of defence?
My approach (http://users.aber.ac.uk/auj/spam/) whitelists an IP if
it's successfully whitelisted 24 sender/recipient pairs (I don't use
triplets) over the course of 24 hours, where the oldest self-whitelisting is
24 hours older than the the newest. This seems to work well. My greylist
database has around 300,000 entries, while the IP whitelist has around
1,000. I have a cron job which does the IP whitelist maintenance by looking
at the greylist table, and which also drops from the IP whitelist any
addresses which are currently in a DNSBL. Additionally, if any of our users
reports a spam, any associated IP or greylist entries are dropped.
Alun Jones auj at aber.ac.uk
Systems Support, (01970) 62 2494
University of Wales, Aberystwyth
More information about the Greylist-users