[Greylist-users] limiting greylisting

Ken Raeburn raeburn at raeburn.org
Mon Jan 9 11:53:08 PST 2006 

On Jan 9, 2006, at 12:01, Wayne Walker wrote:

> I've got a server where I have a few users that want greylisting and
> many who do not.  Can I set up relaydelay such that only specified to
> addresses are checked and everyone else gets mail without greylisting?

Without more specifics about your situation, I think the natural  
answer is "yes, but it might take a little coding".

For example, if you're using sendmail with the relaydelay milter,  
like I am, you probably can't prevent the milter from being invoked  
for certain recipients, but you could modify the milter code to check  
an additional list and immediately accept mail going to anyone not on  
it.  This would be different from whitelisting everyone else in that  
the default for a newly-created list or user recipient -- would be to  
not do greylisting.  There's also the hiccup that you'd immediately  
reject email for non-existent recipient addresses in dictionary  
probes, since they're not in the list, so if a spammer is actually  
trying to refine his list by looking for permanent failure codes (I  
don't know if many of them bother to do this), then they'll succeed  
at your site.

I've been told that there are MTAs -- I don't know which one or ones  
-- that will notice a temporary failure for one recipient out of many  
for a message, and hold off on transmission altogether.  If that's  
the case, then if the first recipient is subject to greylisting, the  
message will be delayed, even if there are non-greylisted recipients  
as well.  I'd be curious if anyone knows more about this situation....

You could perhaps modify the greylisting code to only return the  
temporary failure after receiving the message; at that point, you can  
review the full list of recipients and only issue the tempfail if all  
of them have signed up for greylisting.  That would let spam through  
to greylisted recipients if there's a non-greylisted recipient.  And  
you'd experience the full load of transferring such messages,  
possibly running them through your spam filters, etc.

Ken

More information about the Greylist-users mailing list