[Mimedefang] Greylisting

[Paul Murphy]

Paul,

> I too have been thinking a lot about greylisting, and before 
> spending the time on the MIMEDefang front (as I think it's 
> much better to have it hooked in there, unless someone can 
> say otherwise ;-) I thought I'd try it as a milter add-on:
>   http://hcpnet.free.fr/milter-greylist/

The advantage of having the greylist implementation within MIMEdefang is that
you can perform additional processing which either modifies the greylist
("You sent me a virus, so you're now blacklisted for 2 days in the hope that
you sort out your systems"), or which can modify the greylist time based on
the properties of traffic received from it, or perhaps even modifying filter
tables to reject packets with an ICMP unreachable response if a mail server
has more than X new entries in the greylist in the last Y minutes (virus
spread activity, spam bots, etc).

All of these are more advanced than a milter will support, but the milter
approach does indeed work.  However, having all of the greylisting integrated
with GraphDefang as well is very useful...

The only problem I've had is that the MySQL implementation I use sometimes
suffers from connectivity problems, reporting that the server has gone away.
Several possible causes have been investigated, but I still get this every
couple of days.

Paul.