[Greylist-users] Bagley: version 0.01 available

John W. Baxter jwblist at olympus.net
Fri Mar 5 11:10:03 PST 2004 

On 3/2/2004 19:20, "Tim Freeman" <tim at fungible.com> wrote:

> I agree with the previous poster that Yahoo also uses variable
> envelope return paths so they'll never stop being tempfail'ed with any
> reasonable greylisting implementation, except one that lets them
> through as a special case.

[I've been lurking while we've been working on our implementation.  John
Baxter, Port Ludlow, Washington.  http://www.olympus.net]


Exim 4.3.  We're doing things at RCPT TO: time, using Exim's readsocket to
talk to our Python program (daemon).  The latter has an opportunity to
normalize various things prior to lookup (MySQL).

For empty sender messages, though, we're deferring to DATA time to try to
avoid upsetting callbacks from the receiving servers on our outgoing
messages.

For the moment, we've whitelisted the known (to us) Yahoo Groups servers.

WebCrossing is also going to be a (minor) problem, as its VERP is per
list/recipient/message.  But at least they retry sensibly.  We think we can
normalize the message number out of the rest, down the road.  Fortunately,
WebCrossing is only just getting into the mailing list "game"
(tidbits-talk...see http://www.tidbits.com if you want to join to exercise
that one).  [Oddly, the message number is per recipient, as I found when I
subscribed a second account to check on commonalities...my old account's
message 430 or so matched the new account's message 1.]  Since it's a new
implementation, perhaps there's time to influence the VERP design.  I've
whitelisted the tidbits-talk server to avoid the need for retries for every
message.

RCPT time has the distinct advantage of allowing per-recipient whitelisting
on multiple RCPT messages (some of our users may want greylisting off
altogether...others may whitelist certain senders, some may want greylisting
off during the work day and on overnight, etc etc).

We're currently running an opt-in (really ;-)) evaluation program for a few
of our users (and most of our staff).  It's been going quite well...this
morning we encountered something that claims to be sendmail which is
retrying at a remarkably leisurely pace (14 hours or so).  Small self-run
server.

  --John

More information about the Greylist-users mailing list