[Greylist-users] limiting greylisting
raeburn at raeburn.org
Mon Jan 9 11:53:08 PST 2006
On Jan 9, 2006, at 12:01, Wayne Walker wrote:
> I've got a server where I have a few users that want greylisting and
> many who do not. Can I set up relaydelay such that only specified to
> addresses are checked and everyone else gets mail without greylisting?
Without more specifics about your situation, I think the natural
answer is "yes, but it might take a little coding".
For example, if you're using sendmail with the relaydelay milter,
like I am, you probably can't prevent the milter from being invoked
for certain recipients, but you could modify the milter code to check
an additional list and immediately accept mail going to anyone not on
it. This would be different from whitelisting everyone else in that
the default for a newly-created list or user recipient -- would be to
not do greylisting. There's also the hiccup that you'd immediately
reject email for non-existent recipient addresses in dictionary
probes, since they're not in the list, so if a spammer is actually
trying to refine his list by looking for permanent failure codes (I
don't know if many of them bother to do this), then they'll succeed
at your site.
I've been told that there are MTAs -- I don't know which one or ones
-- that will notice a temporary failure for one recipient out of many
for a message, and hold off on transmission altogether. If that's
the case, then if the first recipient is subject to greylisting, the
message will be delayed, even if there are non-greylisted recipients
as well. I'd be curious if anyone knows more about this situation....
You could perhaps modify the greylisting code to only return the
temporary failure after receiving the message; at that point, you can
review the full list of recipients and only issue the tempfail if all
of them have signed up for greylisting. That would let spam through
to greylisted recipients if there's a non-greylisted recipient. And
you'd experience the full load of transferring such messages,
possibly running them through your spam filters, etc.
More information about the Greylist-users