[Greylist-users] Greylisting, Whitelisting, and SPF
Yiorgos Adamopoulos
adamo at central.tee.gr
Thu Jun 23 23:50:03 PDT 2005
IMarvinTPA wrote:
> in. I saw a bunch for AOL and Yahoo, who both support SPF. Would it make
> sense to have another "domain" whitelist that looks up the SPF records for
> those domains and whitelists them in? This way the Greylist whitelist
> doesn't become stale when the ISPs move servers around.
I use graymilter from http://www.acme.com and the whitelist from
puremagic.com. Initially I had a similar need like yours and hacked 7
lines[*] into graymilter to allow it to whitelist domains via
tcp_wrappers .A line like
graymilter: .ebay.com, .amazon.com : ALLOW
in /etc/hosts.allow. But this can easily get out of hand if you are not
very careful and because some times the DNS schema of certain ISPs does
not help you make such decisions easily.
On the other hand what you are proposing can be implemented on a
greylisting software independently of the/any whitelist. And just to be
sure that even if the whitelist becomes stale, you are still
operational, have your software decide first based upon DNS/SPF records
and if that fails, then via the whitelist.
My EUR0.02
- Yiorgos -
[*] http://www.dbnet.ece.ntua.gr/~adamo/hacks/graymilter.html
More information about the Greylist-users
mailing list