OT - Greylisting (was: Re: gOCR SpamAssassin plugin)

Jim Holland mailscanner at mango.zw
Fri Aug 11 10:31:07 IST 2006 

On Thu, 10 Aug 2006, Julian Field wrote:

> The solution to this that I have just deployed here is "greylisting". I
> have set the delay time to 10 minutes, and the whitelist-remember time
> to 32 days. No-one notices the 10 minutes delay on the first email in a
> conversation, and 32 days means that the monthly email reminder messages
> from mailing lists are whitelisted.
> 
> My users are *really* fussy, and I ran a trial of greylisting for a week
> with a few selected users who opted in to the trial. I purposely didn't
> tell them what I was changing so I could run a proper blind test. Not
> one of them noticed the 10 minute delay time. So I have just deployed it
> out to all 2000 users I have, and there have been no complaints at all.

I am puzzled to hear this, because the 10 minute delay time is set on your
side - ie the delay time between connection attempts before your server
will accept the connection.  However it doesn't take into consideration
the problem of the delay that will occur on the sending side between
delivery attempts.  Many systems will retry delivery only after a fairly
long interval.  The default for sendmail is 30 minutes, but some busy
systems will have a default of as long as 4 hours.  This means that in 
practice I would expect the real delay to be far longer than 10 minutes 
for many messages.

Worse still, there are some systems that will treat a 451 error as a fatal
error, and will not retry the mail.  I have found this with Yahoo and
Gmail, for example.  (I was trying to force them to deliver to our
secondary MX that has more bandwidth than we do because of their very
annoying failure to implement the ESTMP "size" extension - meaning that we
sometimes have to accept say 10 MB of traffic before we can then tell them
that the message is too large.)

Another concern is the impact that greylisting would have on the Internet 
if its adoption became widespread - it would mean that all mail servers 
would have to work twice as hard to deliver mail.  I do find the delivery 
delays rather annoying as a sender of mail - seeing mail stuck in the mail 
queue waiting for some possibly unknown period of time before it gets 
accepted.

That said, I am sure that greylisting does make a big impact on spam for
those that implement it.

Regards

Jim Holland
System Administrator
MANGO - Zimbabwe's non-profit e-mail service

> It has got rid of the single-image stock adverts completely. :-)
 
> Daniel Maher wrote:
> > I've noticed that a lot of the image spam uses bitmap (.bmp) images.  Unfortunately, that SARE plugin appears to handle gif, png, and jpg images only.  Does anybody know of a plugin that will recognise bmp's as well?
> > 
> > --
> >   _
> >  °v°  Daniel Maher
> > /(_)\ Administrateur Système Unix
> >  ^ ^  Unix System Administrator
> >  
> > Sentio aliquos togatos contra me conspirare.
> >> -----Original Message-----
> >> From: mailscanner-bounces at lists.mailscanner.info [mailto:mailscanner-
> >> bounces at lists.mailscanner.info] On Behalf Of Michele Neylon::
> >> Blacknight.ie
> >> Sent: August 7, 2006 9:53 AM
> >> To: MailScanner discussion
> >> Subject: Re: gOCR SpamAssassin plugin
> >>
> >> The one that Dallas posted on the SA users group seems to work well:
> >>
> >> http://www.rulesemporium.com/plugins.htm#imageinfo
> >>
> >> --
> >> Mr Michele Neylon
> >> Blacknight Solutions
> >> Quality Business Hosting & Colocation
> >> http://www.blacknight.ie/
> >> Tel. 1850 927 280
> >> Intl. +353 (0) 59  9183072
> >> Direct Dial: +353 (0)59 9183090
> >> Fax. +353 (0) 59  9164239
> >> --
> >> MailScanner mailing list
> >> mailscanner at lists.mailscanner.info
> >> http://lists.mailscanner.info/mailman/listinfo/mailscanner
> >>
> >> Before posting, read http://wiki.mailscanner.info/posting
> >>
> >> Support MailScanner development - buy the book off the website!
> 
> - -- 
> Julian Field
> www.MailScanner.info
> Buy the MailScanner book at www.MailScanner.info/store
> 
> MailScanner customisation, or any advanced system administration help?
> Contact me at Jules at MailScanner.biz
> 
> PGP footprint: EE81 D763 3DB0 0BFD E1DC 7222 11F6 5947 1415 B654
> Get your PCs and servers from Transtec.de, very well built and reliable!
> 
> 
> -----BEGIN PGP SIGNATURE-----
> Version: PGP SDK 3.7.0
> Charset: ISO-8859-1
> 
> wj8DBQFE26YZEfZZRxQVtlQRAiItAJ9VIh871XcWBmt+vKCW2iNWNJq7rgCg/jO7
> XD/0cflE3euPCUqXSdxU6CI=
> =vULH
> -----END PGP SIGNATURE-----
> 
>

More information about the MailScanner mailing list