[Greylist-users] Too many "false positives" !?!
bill--greylist at blunn.org
Mon Nov 21 06:29:12 PST 2005
Allan E. Johannesen wrote:
>>>>>> "dragon" == The Dragon <dragon at dragonskeep.org> writes:
> dragon> The only real problem I ever had was a server in Hawaii that
> dragon> on sender verification. Someone on our mailserver sends an
> email, and
> dragon> immediately that server opens a connection back - wich of course
> dragon> tempfails, but they then result in failing delivery of our email.
> dragon> Ooops - caught between two different spamtraps - but I figured
> dragon> sincere enough about spam that I can whitelist them immediately.
> Yes, verizon (a CLEC) does this as well.
Do you know what sender address they use to probe with?
Reason I ask is that there's a sort of convention to do probing with the
empty sender, i.e.
MAIL FROM: <>
Then if you have greylisting on your mail system, what you can do is to
make the point at which you do greylisting conditional over whether or
not the sender is the empty sender or the non-empty sender.
So, if it's the non-empty sender, you do greylisting at RCPT time, so as
to do it before DATA time, and avoid wasting incoming bandwidth.
But if it's the empty sender, you do greylisting after DATA. Since
probes typically stop when they get a successful response to RCPT, they
never reach the greylisting point, and go away happy. If any sender does
continue into a message, then they still get greylisted, but at the end
That's what my systems do. That's then one less thing I have to maintain.
If you want to know how to do it, it should be easy to find with a bit
of web research. (I can also do hand-holding at my standard rate.)
More information about the Greylist-users