On Thu, Mar 17, 2005 at 09:35:08PM -0000, John Levine wrote:
> The point of greylisting is to lose mail from misimplemented hosts
> that don't retry after a soft failure. As soon as you see a retry
> from a given host, you know that, no matter what other flaws it may
> have, it's able to retry so there's no point in soft failing its
> mail any more.
I agree with you regarding whitelisting the IP number - thanks for that -
I'll be altering my implementation this morning.
However I think that saying that as soon as you see a retry from a host you
know that it is safe is not absolutely true. We currently insist that the
host retries with the same sender and recipient between 1 hour and 5 hours
from the initial attempt. The problem will be that currently spammers don't
retry, but you can be sure that they are already looking at their spamming
code and working out how to adapt it to do retries. The paper I read from
Evan Harris pointed out that if you refuse for the first hour then in theory
there's a good chance that the spammer will hit a spam trap and end up on an
RBL list. So even if they do implement a queuing mechanism they shouldn't
be too successful at getting spam to you.
______ jonathan @
uk Jonathan Knight,
/ Department of Computer Science
/ _ __ Telephone: +44 1782 583437 University of Keele, Keele,
(_/ (_) / / Fax : +44 1782 713082 Staffordshire. ST5 5BG. U.K.