[Greylist-users] Whitelisting an IP that is in the enhdnsbl or dnsbl - and effect on Greylisting in SendMail

[Dennis Wynne]

My boss' brother is on an ISP that has most all of their mail servers on 
several of the online real-time blacklists. So naturally none of his mail 
gets through. If I remove the blacklists from use then we get tons more spam 
to deal with.  What I need to be able to do is tell sendmail that is the IP 
is one of a series that the ISP uses, to NOT check any of the blacklists.

It appears I can do this in SendMail with the spamfriend feature - except it 
requires that I turn on delay_checks option.

If I understand it correctly, right now when I get an SMTP connection 
sendmail checks the dnsbl's and drops the connection if the IP is on the 
list.  So this happens right away with little overhead.  If I turn on 
delay_checks then it appears it does not check the dnsbl's at first, but 
waits until the rcpt_to is received then if that passes does the other 
checks. So I could put his brother's domain or the mail server IPs in the 
access file with spamfriend and it should then bypass the blacklists.  But 
this would mean I have to accept connections from every blacklisted IP and 
go up through the rcpt_to step before I dump them?  Sounds like a ton more 
overhead.

Is there another / better way?  What is the effect of delay_check on running 
Greylist?

The obvious answers are:

1) Have the brother get his ISP to clean up their act, block spammers, and 
get off the blacklists
2) Have the brother get a free gmail, hotmail, yahoo, or whatever account 
and use that

My boss, being my boss, would prefer I fix it where his brother can e-mail 
him and we get almost no extra spam :-)

Thanks!
Dennis