[Mimedefang] Greylisting
Jeff Rife
mimedefang at nabs.net
Wed Feb 22 18:02:31 EST 2006
OK, so I've been bad at keeping up with messages....
On 14 Dec 2005 at 21:37, David F. Skoll wrote:
> Our (commercial) implementation of greylisting notes when a host
> makes it past the greylist hurdle. Once that happens, we don't greylist
> that host for 40 days. It's a simple trick that greatly reduces the annoyance
> of greylisting delays without materially reducing the effectiveness of
> greylisting. I'm not sure if any of the free greylisting implementations
> do this
Yes, indeed.
Milter-greylist with the "lazyaw" setting will do exactly what you
describe.
Basically, the first time sender/recipient/IP gets greylisted, but when
they succeed, "lazyaw" causes the IP address to be whitelisted instead
of the tuple. Combining that with "subnetmatch /32" and "autowhite
40d" would do exactly what you said.
I suspect that anybody using "lazyaw" would want to change the
"subnetmatch /24" default because whitelisting 256 IPs because just one
retried would be a bit too much, I think.
--
Jeff Rife |
| http://www.nabs.net/Cartoons/PaperOrPlastic.gif
More information about the MIMEDefang
mailing list