Milter-greylist

Christian PELISSIER wrote:
 > Some users complains sometimes about greylisting delays.
 > [...]
 > Thunderbird allow us to define the following priorities :
 > X-Priority: 1 (Highest)
 > [...]
 > MicroSoft use 
 > X-MSMail-Priority: High
 > [...]

Several other MUAs (e.g. elm) use this one:
Priority: {normal,urgent}

 > So having in greylist.conf
 > 
 > greylist 15m
 > 
 > and take care of priority with 
 > 
 > priority_highest    -13m
 > priority_high       -10m
 > priority_normal     +0
 > priority_low        +45m
 > priority_lowest     +4h

That won't help much.  Typically, mail servers use a queue
interval of 30 minutes (at least that's a common value, and
it's the default for many MTA installations).

So it doesn't really matter much whether you greylist for
15 minutes or for 3 minutes.  In either case it can happen
that the sender will retry sending the message after 30
minutes.  Of course, if the sender's next queue run happens
to be scheduled within a few minutes, then a short grey-
listing interval will help to deliver the message sooner.
But that's not really something to rely on or to guarantee,
i.e. it will probably not satisfy users who are unsatisfied
with their mails being delayed.

When people ask me about the delay problem, my answer is
usually:  Yes, a delay will occur, but only on the _first_
mail between two persons.  After that, the sender is in
the whitelist, so any further communication will not be
delayed.  I think that's acceptable.

Of course there are cases where even the delay on the first
message is not acceptable.  For example, help desks who
have to answer in a timely manner to customer requests,
or mail accounts that receive alert messages from various
sources (that are not known in advance) which have to be
acted upon immediately.  In those cases, the recipients
(and _only_ those) should be exempted from greylisting
completely, which is easy to configure with milter-greylist
ACLs ("acl whitelist rcpt 911@...").  Of course
that might increase the spam level for those recipients,
but that's the deal when you don't want to be greylisted.

 > Many spam come now as a gif, jpeg or png containing text. If we apply
 > the same idea as above delaying longer by adding a new delay to the
 > previous one when a mail come with attachements

That won't satisfy your users, I bet.  :-)

Best regards
   Oliver

-- 
Oliver Fromme,  secnetix GmbH & Co. KG, Marktplatz 29, 85567 Grafing
Dienstleistungen mit Schwerpunkt FreeBSD: http://www.secnetix.de/bsd
Any opinions expressed in this message may be personal to the author
and may not necessarily reflect the opinions of secnetix in any way.

"anyone new to programming should be kept as far from C++ as
possible;  actually showing the stuff should be considered a
criminal offence" -- Jacek Generowicz