Yahoo Groups archive

Milter-greylist

Index last updated: 2026-04-28 23:32 UTC

Message

Re: [milter-greylist] lightgreylist.org

2007-10-25 by Dan Mahoney, System Admin

On Thu, 25 Oct 2007, Benoit Branciard wrote:

> Dan Mahoney, System Admin a ?crit :
>>
>>> 3. http://www.dnswl.org/
>>
>> I've got my own issues with them, and we wouldn't be serving the same
>> purpose.  My whitelist would be PURELY a dynamic list of "people not to
>> greylist", not "people to give additional kudos in SpamAssassin, etc."
>> DNSWL has added a bunch of mail relays (like LiveJournal) which relay mail
>> for a given forwarder account but there's no logic in my spam filters to
>> know to look "past" the livejournal servers for the actual spam source.
>> (Short of adding livejournal's current MX ip to trusted_networks).  I
>> digress.
>>
>
> DNSWL aims to inventory all "known legitimate email servers", that are
> servers which are powered by real MTAs (not spambots).
>
> Greylisting sole goal is to block fake MTAs (spambot-like), which are
> usually illegitimate and do little retries, if any.
>
> Is is pointless to greylist DNSWL-listed servers, because if properly
> configured they WILL retry. If some of them are relaying SPAM, it will
> pass through greylisting; delaying is not blocking.

I'm aware of that -- my goal is different from yours, though.  Yours is to 
manage known senders of "good" mail.  Mine is simply to maintain a list of 
"broken" servers, mail farms, as well as to collect info on other setups 
and reasons, specifically, why greylisting might not work.  I've seen a 
significant reduction in spam since I started using it (right now I'm 
using it against a heavy-casualty blacklist), but I'd like to totally 
avoid the possibility of it causing any other issues for non-compliant 
senders.

Are you listing all the known cases of "breakage" with regard to those 
servers that don't work with greylisting (the one from CVS?)

> So it makes sense to use DNSWL as a whitelist to bypass greylisting.
> Primary benefit is to avoid greylisting delay on legitimate email, and
> secondary is to let through legitimate MTAs which aren't
> greylisting-aware by design, such as mail farms.
>
> Remaining SPAM should be treated by other means, such as content
> analysis, embedded URL RBL-check, and DNSWL "Trustworthiness" score.

Among other problems that are off-topic for this list.

-Dan

--

"Oh, and we just recently got an invoice..."
"Congratulations!"

-JC and DM, regarding Unpredictable Billing, 8/18/2001

--------Dan Mahoney--------
Techie,  Sysadmin,  WebGeek
Gushi on efnet/undernet IRC
ICQ: 13735144   AIM: LarpGM
Site:  http://www.gushi.org
---------------------------

Attachments

  • No local attachments were found for this message.

Move to quarantaine

This moves the raw source file on disk only. The archive index is not changed automatically, so you still need to run a manual refresh afterward.