[Mimedefang] Greylisting a relay/email

Oliver Schulze L. oliver at samera.com.py
Thu Aug 9 18:09:39 EDT 2007

I read the excellent post from David about using a tuple of data to identify
and greylist an email.

My question is about identifying the email and about greylisting a relay or
only a unique email comming from that relay.

Options to tempfail an email:
- on first spam received, greylist the relay IP and all emails comming 
from that relay
- on first spam received, greylist the email asociating the email to the 
relay. Tempfail
  all conections comming from that IP only if the relay is sending the 
same email.

Also, I was thinking of using this info to uniquely identify and email:
subject, size, from, recipients, relay_ip

Doing a md5 sum of the entire email will help? Or will load the server 
too much?
I have done some md5 test and it can indeed identify the same email, no 
modification is done in the remote server, but maybe botnets can change 
header info.

Many thanks

Oliver Schulze L.   | http://tinymailto.com/oliver  
Asuncion - Paraguay | http://www.solojuegos.mobi    

More information about the MIMEDefang mailing list