[Greylist-users] machine gun
beck at bofh.cns.ualberta.ca
Sun Jan 22 09:14:12 PST 2006
> > Means it is probably time to start exploring that in greylisting
> > software - Should be easy enough to detect number of retries > X where X
> > is "many" in the greylisting period, and just like deciding a server that
> > does not retry is hostile, a server that retries exessively or stupidly
> > is also hostile. Getting X right is the trick.
> > What you think barb? 100 in 30 minutes is too much? or less?
> A known server from which you wish to receive email might as well be
> whitelisted. It is bad guys that greylisting is intended to keep out. To
> continue the second example, unless you have no users with eBay accounts,
> you wish to receive mail from eBay's fleet of servers.
You miss the point, I already whitelist the majors (and as well on
average about 110,000 other hosts) . that's not a problem. I'm talking
about settings for a previously unseen server that starts machine
gunning while in the greylist. I'm trying to get a threshold at which
the level of retries is a certain indicator of something I do not
wish to allow to pass the greylist.
More information about the Greylist-users