[Greylist-users] greylist lib in C? + several Q's

Graham Toal gtoal at gtoal.com
Sun Aug 29 12:49:35 PDT 2004


> Try explaining that to the people at Yahoo Groups.  Try explaining to
> your users that Yahoo Groups misbehaves, and therefore isn't allowed
> to send them email.

So what's the deal with Yahoo?  I hadn't heard that before.

> monitor traffic for possible updates to the whitelist.  If you don't
> mind losing an occasional message, maybe you can do it with logged IP
> addresses and hostnames; if you're more paranoid than that, you want
> to collect message bodies for at least automated analysis.
> Unfortunately that's not very compatible with tempfailing for some
> recipients and not others.

> >> to cut down the risk of delays to legitimate mail, which
> >> appears to be a concern here.
> >
> > In my experience greylisting generates very few false positives.
> >
> > Are you a business?  If so, then it is a cost/benefit analysis.

No, a University, and very sensitive to complaints from faculty
about important mail going missing or being delayed.  Basically if
I implement anything that has the *potential* of delaying important
mail, from that day on, anything that anyone screws up such as not
submitting a grant application in time is going to be down to
my anti-spam code, whether that was the culprit or not.  So I
am taking a conservative approach and doing enough Quality Assurance
on it that I know we're on a sound footing.  It's not what I would
do on my home system!

> > What is the cost of a very few number of false positives which you would
> > have with greylisting compared to the cost of the enormous amount of
> > spam and virus messages which greylisting would stop?
>
> Perhaps doing the tempfail-after-data approach would be a useful way
> to do the cost/benefit analysis.  Say, spend a couple months doing it
> that way and seeing which messages really get retried and which are
> spam, but actually delivering all messages the first time (suppressing
> duplicates by recording sender, recipient and sha-1 checksum, maybe).
> Then no mail has been lost, and you've got a couple months' worth of
> data to analyze.

Exactly.

Graham
PS Noted your other comments too, thanks.  Esp the banner trick.
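
Added example, not part of the original message or of any greylisting package: a minimal Python sketch of the tempfail-after-data measurement quoted above, delivering the first copy of each message, suppressing duplicates by sender, recipient and SHA-1 checksum, and recording which messages were retried. The class name, the 300-second retry window, the choice to answer 250 on a valid retry, and the sample events are assumptions made for illustration.

```python
import hashlib

class ShadowGreylist:
    """Tempfail after DATA, but deliver the first copy anyway and log retries."""

    def __init__(self, min_delay=300):
        self.min_delay = min_delay  # assumed minimum retry delay, in seconds
        self.seen = {}              # key -> {"first": timestamp, "retried": bool}

    @staticmethod
    def key(sender, recipient, body):
        # Duplicate-suppression key: envelope sender, recipient, SHA-1 of the data.
        return (sender, recipient, hashlib.sha1(body).hexdigest())

    def on_data(self, sender, recipient, body, now):
        """Return (smtp_code, deliver) for one completed DATA phase."""
        k = self.key(sender, recipient, body)
        rec = self.seen.get(k)
        if rec is None:
            self.seen[k] = {"first": now, "retried": False}
            return 451, True    # first sight: deliver locally, tempfail the sender
        if now - rec["first"] < self.min_delay:
            return 451, False   # retry came too early: still deferred, no second copy
        rec["retried"] = True
        return 250, False       # valid retry: accept, but suppress the duplicate

    def report(self):
        """Split observed (sender, recipient) pairs by whether a retry arrived."""
        retried = sorted(k[:2] for k, r in self.seen.items() if r["retried"])
        never = sorted(k[:2] for k, r in self.seen.items() if not r["retried"])
        return {"retried": retried, "never_retried": never}

def demo():
    # Constructed events: (time in seconds, sender, recipient, message data).
    events = [
        (0,   "list@example.org", "prof@example.edu", b"Grant deadline reminder\r\n"),
        (10,  "x@spam.example",   "prof@example.edu", b"Buy now\r\n"),
        (60,  "list@example.org", "prof@example.edu", b"Grant deadline reminder\r\n"),
        (900, "list@example.org", "prof@example.edu", b"Grant deadline reminder\r\n"),
    ]
    g = ShadowGreylist(min_delay=300)
    results = [g.on_data(s, r, b, t) for t, s, r, b in events]
    return results, g.report()

if __name__ == "__main__":
    print(demo())
```

The "never_retried" list is the set of messages that real greylisting would have kept out of the mailbox, so it is the one to review by hand for false positives.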

