[Greylist-users] machine gun
barb at netrack.net
Sun Jan 22 15:10:04 PST 2006
> No, the block would not be inappropriate (though messages to
> 'postmaster' should be allowed to get through, somehow). By retrying
> so quickly you're violating section 5.3.1.1 of RFC 1123 (STD 3), which
> states that the retry interval SHOULD be at least 30 minutes (and that
> you should continue retrying for at least 4-5 days). If the short
> retry interval causes trouble, it's your own fault.

"SHOULD" in the std is a recommendation, not a requirement. Most
legitimate mail servers frequently retry sooner. Our delay is set to
4 minutes because the average retry time is around 10 minutes! Many
legitimate servers retry in 5. There is no point in repeatedly
giving those connections a tempfail.

Keep in mind that the recommendations in std3 were written long ago
when bandwidth and server performance were several orders of
magnitude less than they are today.

Because our delay is so low, I would need to use a relatively low
threshold of hits for automatically blocking. Based on the entries
in my database, 100 looks like it would be most effective. That's a
hit about every two seconds. I'd love to do it with iptables, but
that's not an option for me. If I modify relaydelay, I'll send the
patch to Evan.

I have eBay whitelisted already. Apparently there are some of their
servers not in my list. I can understand their interest in moving
mail timely. But I'm going to contact BlackBerry. They have no
excuse for hammering outgoing mail.

Barb Dijker x100
Netrack, 3080 Valmont Rd Ste 200, Boulder CO 80301
+1.303.938.0188, toll free +1.888.9Netrack, fax +1.303.938.0177
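
An added example, not part of the original message and not relaydelay code: one way to apply the threshold discussed above, flagging a relay once it collects 100 tempfailed attempts inside a single 4-minute greylist delay window. The function names, the input format (timestamp and relay IP per tempfailed connection) and the sample addresses are assumptions; the sample data is constructed.

```python
from collections import defaultdict, deque

GREYLIST_DELAY = 4 * 60   # seconds; the 4-minute delay mentioned in the post
BLOCK_THRESHOLD = 100     # tempfailed hits inside one delay window


def find_hammering_relays(attempts, window=GREYLIST_DELAY,
                          threshold=BLOCK_THRESHOLD):
    """Return {relay_ip: time at which the threshold was first reached}.

    attempts: iterable of (unix_time, relay_ip), one entry per connection
    that was answered with a tempfail (hypothetical input format).
    """
    recent = defaultdict(deque)   # per-relay timestamps still inside the window
    flagged = {}
    for ts, ip in sorted(attempts):
        q = recent[ip]
        q.append(ts)
        # Drop attempts that are a full window (or more) older than this one.
        while q[0] <= ts - window:
            q.popleft()
        if len(q) >= threshold and ip not in flagged:
            flagged[ip] = ts
    return flagged


def constructed_sample(start=1137970000):
    """Constructed attempts using documentation address ranges."""
    attempts = []
    # Relay that retries every 2 seconds (the "machine gun" pattern).
    attempts += [(start + 2 * i, "192.0.2.10") for i in range(120)]
    # Relay that retries every 10 seconds: impatient, but under the threshold.
    attempts += [(start + 10 * i, "203.0.113.5") for i in range(60)]
    # Relay that retries every 5 minutes, as many legitimate servers do.
    attempts += [(start + 300 * i, "198.51.100.7") for i in range(3)]
    return attempts


if __name__ == "__main__":
    for ip, when in find_hammering_relays(constructed_sample()).items():
        print(f"{ip} reached {BLOCK_THRESHOLD} tempfails at {when}")
```

With the constructed data only the 2-second relay is flagged; the 10-second relay never has more than 24 attempts inside one window.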