[Greylist-users] Exploring Greylisting - Initial Block Time

Dennis Wynne DWYNNE at equinoxis.com
Thu Mar 2 13:13:00 PST 2006 

Glad you asked before you went live.  I am now around 55 seconds for mine 
and most folks that I asked said 1-3 minutes. One of my customers is running 
5 on their server. I started with the nearly one hour default and ran that 
way for a bit - until I asked the list what to run.

What I have found from studying the logs - most SPAMmers never retry so you 
have 100% success blocking those, a few retry a bunch right away (within 
seconds of the first hit) - any setting longer than 30-40 seconds gets 
those, almost NONE that I ever saw that would retry after 1 minute would 
give up before 1 hour.  So setting it longer than a minute or two is going 
to block almost 0 SPAM and just going to delay the good mail for longer.

Most mail servers seem to retry after 1 minute (or at 30 seconds and 1 
minute) so setting it for under 1 minute gets the mail on the 2nd or 3rd 
try.

Dennis

===== Original Message from greylist-users at lists.puremagic.com (Greylisting 
Users and Developers Discuss) at 3/02/06 1:54 pm
>Hi, I'm new to the list.
>
>I have been exploring greylisting for our SMTP package.
>
>I have a question regarding the recommended 1 hour initial block time.
>
>I don't see the direct correlation of the block time with associating good
>or bad SMTP clients.  The RFC has a recommendation, but that's just it - a
>recommendation.  There is no fixture on a retry pattern, atleast I don't see
>it.
>
>Isn't the primary goal satisfied by simply addressing the nearly 100% bad
>actors that do not follow 421 response codes?
>
>I have been exploring this with no block time limit. I'm close to putting
>this out to beta testing and I'm wondering what default I should use.  It
>seems to me that from an operations standpoint, we are a lot "safer" to not
>have initial 1 hour block limit.  For our test site, I see just a
>significant amount of good systems retrying within minutes or seconds.
>
>I'm aware each site will have its own experiences.  Most of customers are
>commercial oriented so this is one reason we were reluctant to offer
>Greylisting in the past.
>
>Overall, for our test site, I'm seeing around 64-68% success rate
>(non-retries/total).  Do you think we might see a higher success rate with a
>1 hour block time at the expense of raising some support issues with "good"
>people trying to send mail with less than 1 hour retry frequencies?
>
>
>Comments?  Experiences?
>
>Thanks
>
>--
>Hector Santos, Santronics Software, Inc.
>http://www.santronics.com
>
>
>
>
>_______________________________________________
>Greylist-users mailing list
>Greylist-users at lists.puremagic.com
>http://lists.puremagic.com/cgi-bin/mailman/listinfo/greylist-users

More information about the Greylist-users mailing list