[Mimedefang] Need advise on how to proceed.
Michael Sims
michaels at crye-leike.com
Mon Jun 14 17:46:25 EDT 2004
Chris Myers wrote:
> Greylisting only delays mail the first time you see a
> sender/recipient pair, all subsequent messages from/to that same pair
> are accepted immediately. You can always write your greylisting code
> so that you don't reject for the first week or two and THEN turn on
> tempfails once your database is already mostly populated.
That's probably good advice. I should have done that when I tried to implement
greylisting a few weeks ago. I found that there were quite a few hosts with VERY
long retry times, and some were quite erratic. For example, I used the "email a
friend about this item" from eBay. I then found out that eBay takes all such
traffic and tries it once, and then if it tempfails they move the message off to
another smtp queue that is very slow. I finally got my notification almost 7 days
after I sent it! Needless to say, I should have whitelisted eBay, Amazon, etc. In
fact, if anyone is thinking of implementing greylisting and have end users that use
email for other than pure business related purposes, you may find the following of
value:
http://cvs.puremagic.com/viewcvs/*checkout*/greylisting/schema/whitelist_ip.txt?rev=
1.4
I also had another host that one of my end users used as a forwarding address. Had
I done the proper research I would have whitelisted all of the known forwarders
first, but alas I did not. I found out that this host had a VERY erratic queue
retry time...sometimes it would redeliver after only 10 minutes, and some messages
redelivered after 30+ hours. It was almost as if the admins of this were flushing
their outgoing SMTP queue manually whenever they thought of it. At any rate, I had
a very irate user and the admin on the other side of course claimed that we broke
something when we implemented greylisting. Of course I know that's not true but try
explaining it to an end user who can't even spell SMTP, much less understand it.
I don't mean to scare anyone away from greylisting...just make sure you have the
full backing of management because if your user base is anything like mine you WILL
have some initial growing pains. But as Chris said, allowing your database to build
for a couple of weeks will probably take care of most of them.
More information about the MIMEDefang
mailing list