[Mimedefang] Greylisting netmask
Jeff Rife
mimedefang at nabs.net
Tue Feb 6 16:31:22 EST 2007
On 6 Feb 2007 at 18:14, Jonas Eckerman wrote:
> I simply remove the last number of the dotted IP address before
> using it in the greylist. The greylist triplets consist of this
> stripped IP address, the recipient and a massacred/stripped
> sender's address. New triplets are black for 3 minutes.
>
> A completely separate table contains the full IP addresses (but
> no mail addresses) and is used to tempfail any never-seen-before
> hosts the first 10 seconds, and to whitelist any host that has
> successfully bypassed the greylist (no point in greylisting a host
> that retries). Obviously this check is done before ever involving
> the normal greylist. (This table already contained most hosts
> sending mail to us before I started tempfailing new hosts for 10
> seconds.)
So, if I understand correctly, a new host will be delayed for two retry
intervals...once when it is tempfailed for being a new host, then again
by the greylist when it retries the first time.

Although I don't mind the delay of greylisting, for some servers this
would put you into the "slow" queue and make that third try occur 4-8
hours after the first. That long of a delay might be an issue, even at
my site where it's more casual than most places.
--
Jeff Rife | "...the flames began at a prophylactic recycling
| plant, near the edge of the forest..."
|
| -- "WarGames"
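
Added example, not part of the original message and not MIMEDefang filter code: a small Python model of the two-stage check discussed above, used to count how many delivery attempts a new host needs for a given retry schedule. The class and function names are hypothetical, lowercasing stands in for the unspecified sender-address stripping, the first-stage tempfail is assumed not to record a triplet (the reading given in the reply), and all addresses are constructed.

```python
NEW_HOST_DELAY = 10        # seconds a never-seen-before host is tempfailed
GREYLIST_DELAY = 3 * 60    # seconds a new triplet stays "black"


def strip_last_octet(ip):
    """'192.0.2.57' -> '192.0.2', so the greylist key covers the whole /24."""
    return ip.rsplit(".", 1)[0]


class TwoStageGreylist:
    def __init__(self):
        self.hosts = {}         # full IP -> time first seen
        self.whitelist = set()  # full IPs that have passed the greylist
        self.triplets = {}      # (stripped IP, sender, recipient) -> time first seen

    def check(self, now, ip, sender, recipient):
        """Return 'accept' or 'tempfail' for one delivery attempt at time `now`."""
        if ip in self.whitelist:
            return "accept"
        # Stage 1: host table, consulted before the greylist is involved.
        first_seen = self.hosts.setdefault(ip, now)
        if now - first_seen < NEW_HOST_DELAY:
            return "tempfail"
        # Stage 2: normal greylist, keyed on the stripped address.
        # Assumption: lowercasing stands in for the sender-address stripping.
        key = (strip_last_octet(ip), sender.lower(), recipient.lower())
        first_seen = self.triplets.setdefault(key, now)
        if now - first_seen < GREYLIST_DELAY:
            return "tempfail"
        self.whitelist.add(ip)  # a host that retries is not greylisted again
        return "accept"


def attempts_until_accept(retry_times, ip="192.0.2.57",
                          sender="a@example.org", recipient="b@example.net"):
    """Return (attempt number, time) of the first accepted attempt, or None."""
    greylist = TwoStageGreylist()
    for n, t in enumerate(retry_times, start=1):
        if greylist.check(t, ip, sender, recipient) == "accept":
            return n, t
    return None


if __name__ == "__main__":
    # Constructed schedules: 15-minute retries, then a sender with a slow queue.
    print(attempts_until_accept([0, 900, 1800]))
    print(attempts_until_accept([0, 600, 4 * 3600]))
```

Under these assumptions a new host is always accepted on its third attempt at the earliest, so the total delay is set by the sender's second retry interval rather than by the 10-second and 3-minute windows.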