can someone provide any comments on greylisting? how effective is it, etc? thanks, -- dima.
On Fri, Feb 06, 2004 at 01:40:14PM -0500, Dmitri Krioukov wrote:
can someone provide any comments on greylisting? how effective is it, etc?
we have 20 regex expressions that block mail directly from a reverse dns that "looks" like a consumer broadband connection. Then we have to maintain a whitelist on a case by case basis. The reduction in unwanted email is on the order of 40 or 50 to 1. It obviously is not without its own pain so it may not be for you. This should discussion should probably be taken offline or two another list though. Ken Leland Monmouth Internet
Ken Leland [2/7/2004 2:11 AM] :
On Fri, Feb 06, 2004 at 01:40:14PM -0500, Dmitri Krioukov wrote:
can someone provide any comments on greylisting? how effective is it, etc?
we have 20 regex expressions that block mail directly from a reverse dns that "looks" like a consumer broadband connection. Then we have to maintain a whitelist on a case by case basis.
Er, I think you and Dmitri are talking about different things. From a mail operations standpoint, I am not a big fan of graylisting, because even legitimate senders get 4xx'd for a while, the first time they send mail. When any such strategy means that someone else's mail queues are filled with timed out emails waiting for retransmission, it d not be rocket science to see why this just doesn't scale too well. -- srs (postmaster|suresh)@outblaze.com // gpg : EDEDEFB9 manager, outblaze.com security and antispam operations
well, it might not scale only at the global scale :) (while its current 'deployment' is far from being global as far as i can see) -- dima.
-----Original Message----- From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu]On Behalf Of Suresh Ramasubramanian Sent: Friday, February 06, 2004 10:19 PM To: Ken Leland Cc: nanog@merit.edu Subject: Re: greylisting
Ken Leland [2/7/2004 2:11 AM] :
On Fri, Feb 06, 2004 at 01:40:14PM -0500, Dmitri Krioukov wrote:
can someone provide any comments on greylisting? how effective is it, etc?
we have 20 regex expressions that block mail directly from a reverse dns that "looks" like a consumer broadband connection. Then we have to maintain a whitelist on a case by case basis.
Er, I think you and Dmitri are talking about different things.
From a mail operations standpoint, I am not a big fan of graylisting, because even legitimate senders get 4xx'd for a while, the first time they send mail.
When any such strategy means that someone else's mail queues are filled with timed out emails waiting for retransmission, it d not be rocket science to see why this just doesn't scale too well.
-- srs (postmaster|suresh)@outblaze.com // gpg : EDEDEFB9 manager, outblaze.com security and antispam operations
participants (3)
-
Dmitri Krioukov -
Ken Leland -
Suresh Ramasubramanian