[Greylist-users] Exploring Greylisting - Initial Block Time
hsantos at isdg.net
Thu Mar 2 14:00:02 PST 2006
Thanks for the feedback Denis.
So you have a seconds resolution? Ok, we add a seconds resolution as well.
Ok, I just thought that the 1 hour block time was too tight. Given the fact
that we offer a retry frequency options to admins, I can't assume that a
default of 1 hour is going to be "significant" majority. In fact, we
already have in planning to offer a more variable base retry frequency table
based on error condition.
I noticed bellsouth.net retries immediately within seconds on a pool of
outgoing servers. For this bellsouth.net test, I noticed it was trying
nearly every few seconds from different class c servers. When exhausted, it
seem to shift to a 5 mins retry from the same group of class c servers.
Eventually when the triplet matched one of the early attempts, it took 13
minutes before it was accepted. So obviously this requires a Class C masking
match logic. :-)
Thanks again for your feedback
Hector Santos, Santronics Software, Inc.
----- Original Message -----
From: "Dennis Wynne" <DWYNNE at equinoxis.com>
To: "Greylisting Users and Developers Discuss"
<greylist-users at lists.puremagic.com>
Sent: Thursday, March 02, 2006 4:13 PM
Subject: Re: [Greylist-users] Exploring Greylisting - Initial Block Time
Glad you asked before you went live. I am now around 55 seconds for mine
and most folks that I asked said 1-3 minutes. One of my customers is running
5 on their server. I started with the nearly one hour default and ran that
way for a bit - until I asked the list what to run.
What I have found from studying the logs - most SPAMmers never retry so you
have 100% success blocking those, a few retry a bunch right away (within
seconds of the first hit) - any setting longer than 30-40 seconds gets
those, almost NONE that I ever saw that would retry after 1 minute would
give up before 1 hour. So setting it longer than a minute or two is going
to block almost 0 SPAM and just going to delay the good mail for longer.
Most mail servers seem to retry after 1 minute (or at 30 seconds and 1
minute) so setting it for under 1 minute gets the mail on the 2nd or 3rd
===== Original Message from greylist-users at lists.puremagic.com (Greylisting
Users and Developers Discuss) at 3/02/06 1:54 pm
>Hi, I'm new to the list.
>I have been exploring greylisting for our SMTP package.
>I have a question regarding the recommended 1 hour initial block time.
>I don't see the direct correlation of the block time with associating good
>or bad SMTP clients. The RFC has a recommendation, but that's just it - a
>recommendation. There is no fixture on a retry pattern, atleast I don't
>Isn't the primary goal satisfied by simply addressing the nearly 100% bad
>actors that do not follow 421 response codes?
>I have been exploring this with no block time limit. I'm close to putting
>this out to beta testing and I'm wondering what default I should use. It
>seems to me that from an operations standpoint, we are a lot "safer" to not
>have initial 1 hour block limit. For our test site, I see just a
>significant amount of good systems retrying within minutes or seconds.
>I'm aware each site will have its own experiences. Most of customers are
>commercial oriented so this is one reason we were reluctant to offer
>Greylisting in the past.
>Overall, for our test site, I'm seeing around 64-68% success rate
>(non-retries/total). Do you think we might see a higher success rate with
>1 hour block time at the expense of raising some support issues with "good"
>people trying to send mail with less than 1 hour retry frequencies?
>Hector Santos, Santronics Software, Inc.
>Greylist-users mailing list
>Greylist-users at lists.puremagic.com
Greylist-users mailing list
Greylist-users at lists.puremagic.com
More information about the Greylist-users