[Greylist-users] Re: Greylist implementation for diskless firewall appliances

[richard at stardate.ca]

> One potential use of greylisting I've been thinking about
> to implement it on a firewall appliance that has an SMTP
> proxy. This enhances network security and reduces load
> on mail servers from inbound spam.
> Some questions for the list:
> 
> How large is the SQL database likely to get? Would
> it be feasible to use a RAM based list without a proper
> SQL database? Has anyone worked out a formula
> for the size based on users/mail rate?

That depends on the number of users and the number of emails they get 
from different people.  I think the best any one can tell you is that it 
will get as big as it has to.

> What issues would be created by periodically saving
> a host copy of a RAM based list which could be retrieved
> by the appliance on a cold start? One problem which comes
> to mind is somehow retrieving a stale list. The other is the
> frequency of saves needed in order for the stored copy
> of the database to be fresh enough to be useful.

Would it be possible to map drive space on a separate server and store 
the databases there?

> Is greylisting likely to cause loading issues due to retries?

Yes but a little DLINK firewall will handle a lot of throughput. I think 
you are talking about something a little more substantial.

> I realize it's still early in this implementation but I thought it
> might be worth raising these issues now. A smart appliance
> based implementation of this concept could easily increase
> the number of people using greylisting overnight to many
> thousands of MTA's.

The down side is that this would make the spammers sit up, notice and 
take evasive action.