[Greylist-users] Greylisting with automatic IP address basedwhitelist

Alun auj at aber.ac.uk
Mon Jun 21 01:03:45 PDT 2004

Scott Nelson (scott at spamwolf.com) said, in message
    <aT5vaIe86J8qbrwan02 at x>:
> >My question is the reason why Greylisting does not use automatic IP
> >address based whitelist.


> Better IMO, is to whitelist the IP if it's listening on port 25.

Doesn't that mean that you immediately accept mail from open relays? I 
know you'd accept it eventually, but isn't the delay also supposed to 
give DNSBLs time to act and give you a second line of defence?

My approach (http://users.aber.ac.uk/auj/spam/) whitelists an IP if
it's successfully whitelisted 24 sender/recipient pairs (I don't use
triplets) over the course of 24 hours, where the oldest self-whitelisting is
24 hours older than the the newest. This seems to work well. My greylist
database has around 300,000 entries, while the IP whitelist has around
1,000. I have a cron job which does the IP whitelist maintenance by looking
at the greylist table, and which also drops from the IP whitelist any
addresses which are currently in a DNSBL. Additionally, if any of our users
reports a spam, any associated IP or greylist entries are dropped.


Alun Jones                       auj at aber.ac.uk
Systems Support,                 (01970) 62 2494
Information Services,
University of Wales, Aberystwyth

More information about the Greylist-users mailing list