Milter-greylist

Emmanuel Dreyfus wrote:
 > Of course several hours is not something you want for any sender, this is
 > where using dynamic pool DNSRBL helps: I use several hours for cable and
 > DSL pools, qnd 15 mn for other hosts.

That's something I don't understand.

People sending mail to you from dynamic IP dial-in pools
usually don't let their PC running 24 hours per day.
That means that delaying them for several hours isn't
good, because their PC will probably be switcehd off
by then.

I think there are only two possibilities that make sense.
The first is to blacklist dynamic IP pools completely,
i.e. _never_ accept mail from them.  That's what I do,
because expecience shows that it's 100% spam anyway, so
there's no reason to clutter my greylist with such IPs.
Users who have dynamic IP addresses should use their
ISP's mail server for sending mails in the first place
anyway.

The second possibility:  If you absolutely must receive
mails from users of dynamic addresses, and you cannot
teach them to properly use their ISP's mail server, then
use a short greylisting delay (a few minutes).  Otherwise
there's the risk that you won't get their mails at all,
or get them only the next day, or on Monday after the
weekend.

Best regards
   Oliver

-- 
Oliver Fromme,  secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing
Dienstleistungen mit Schwerpunkt FreeBSD: http://www.secnetix.de/bsd
Any opinions expressed in this message may be personal to the author
and may not necessarily reflect the opinions of secnetix in any way.

"File names are infinite in length, where infinity is set to 255 characters."
        -- Peter Collinson, "The Unix File System"