Yahoo Groups archive

Milter-greylist

Index last updated: 2026-04-28 23:32 UTC

Message

RE: [milter-greylist] Can milter-greylist run after sendmail checks users?

2011-02-24 by Steger Wolfgang

> From: milter-greylist@yahoogroups.com
[mailto:milter-greylist@yahoogroups.com] On Behalf Of Les Mikesell
> Sent: Thursday, February 17, 2011 6:54 PM
> To: milter-greylist@yahoogroups.com
> Subject: [milter-greylist] Can milter-greylist run after sendmail checks
users?


  

> I am running sendmail/MimeDefang and recently added milter-greylist as 
> an additional spam check. The domains in question are regularly hit with 
> dictionary-attack type spam where most of the target users don't exist. 
> Sendmail is very quick at rejecting local addresses that are not in 
> the aliases or virtuser tables so that is normally not a problem, but 
> when milter-greylist is active it wants to greylist even the 
> undeliverable addresses. For the moment I am working around it by 
> tracking the 'real' users, including them in the milter-greylist config, 
> and restricting greylisting to the specified addresses. However, it 
> would be nicer if this could be handled automatically by letting 
> sendmail reject addresses it can't deliver first. Is there any way to 
> do that?

> Also, the extra log line about 'skipping greylist because this is the 
> default action' for the unprocessed addresses is filling my disks up to 
> the point that I had to change the log rotation. Is there any way to 
> turn that off? When it doesn't do anything, I don't need to know about it.

> -- 
> Les Mikesell
> lesmikesell@... <mailto:lesmikesell%40gmail.com> 

Ok., it's a week since you asked, but here are some ideas 
about the way greylisting works. Hopefully I did not get 
it all wrong.

If you run greylisting *before* user check, it won't make any 
difference, as the trick is, that the same combination of
sender IP, sender & recipient address "never" comes again in 
a SPAM message.

Also, if you are sending out non-deliverable-messages for 
nonexistant recipients: on SPAM they will either be bounced
(because the sender does not exist) or reach somebody innocent.

So I believe it is better to block SPAM with greylisting before
checking valid users. The only "problem" may be you are blowing 
up the greylisting database.

Just my 2cc, Wolfgang Steger
 
-- 
  Dipl.Ing. Wolfgang Steger        first facility GmbH
  IT Server Management             a member of EVN Group
  wolfgang.steger@... 1120 Wien, Technologiestr. 8
  Tel: +43(1) 61424-242            Mobil: +43(676) 88614 242

Attachments

  • No local attachments were found for this message.

Move to quarantaine

This moves the raw source file on disk only. The archive index is not changed automatically, so you still need to run a manual refresh afterward.