[Greylist-users] Too many "false positives" !?!

William Blunn bill--greylist at blunn.org
Mon Nov 21 06:29:12 PST 2005

Allan E. Johannesen wrote:
>>>>>> "dragon" == The Dragon <dragon at dragonskeep.org> writes:
> dragon> The only real problem I ever had was a server in Hawaii that 
> insisted
> dragon> on sender verification. Someone on our mailserver sends an 
> email, and
> dragon> immediately that server opens a connection back - wich of course
> dragon> tempfails, but they then result in failing delivery of our email.
> dragon> Ooops - caught between two different spamtraps - but I figured 
> they're
> dragon> sincere enough about spam that I can whitelist them immediately.
> Yes, verizon (a CLEC) does this as well.

Do you know what sender address they use to probe with?

Reason I ask is that there's a sort of convention to do probing with the 
empty sender, i.e.


Then if you have greylisting on your mail system, what you can do is to 
make the point at which you do greylisting conditional over whether or 
not the sender is the empty sender or the non-empty sender.

So, if it's the non-empty sender, you do greylisting at RCPT time, so as 
to do it before DATA time, and avoid wasting incoming bandwidth.

But if it's the empty sender, you do greylisting after DATA. Since 
probes typically stop when they get a successful response to RCPT, they 
never reach the greylisting point, and go away happy. If any sender does 
continue into a message, then they still get greylisted, but at the end 
of DATA.

That's what my systems do. That's then one less thing I have to maintain.

If you want to know how to do it, it should be easy to find with a bit 
of web research. (I can also do hand-holding at my standard rate.)


More information about the Greylist-users mailing list