OT: IP address reputation, BorderWare

DAve dave.list at pixelhammer.com
Fri Mar 23 17:22:04 CET 2007 

Dennis Willson wrote:
> Why yes, I know how SAV handles greylisting.
> 
> When SAV receives a temp failure, SAV returns a temp failure. A real 
> mail server will try again later which will cause SAV to verify again 
> when the sending server retrys. This works just fine. However, if you 
> run greylisting too, this adds a double delay on th delivery of the email.
> 

We have several real mail servers, they all retry within 30 minutes. My 
question was would the tuple expire from the greylist DB *before* the 
retry took place. Checking the SAV archives and then the config for 
milter-greylist I see this,

# This option attempts to make milter-greylist more
# friendly with sender callback systems. When the
# message is from <>, it will be temporarily
# rejected at the DATA stage instead of the RCPT
# stage of the SMTP transaction. In the case of a
# multi recipient DSN, whitelisted recipient will
# not be honoured.
delayedreject

So milter-greylist is already making exceptions so we don't break SAV. 
That is good to know, though we hadn't any complaints.

Thanks,

DAve


> I can live with that.
> 
> 
> 
> DAve wrote:
>> Chris Yuzik wrote:
>>> Res wrote:
>>>> The key here, you spoke to a salesman.
>>> Heh. It could have been worse...I might have talked to a marketing 
>>> guy. ;-)
>>>> Many ISP's are doing this and it upsets their stats so of course 
>>>> they dont want you to use it. Word gets around that it does this, 
>>>> more people will shy away from their product, they dont care at all 
>>>> about you protecting your users...unless you buy and use their product.
>>>>
>>>> Keep using the milter.
>>> Apparently, Matt is working on a modification to SMF-SAV that will 
>>> change the order of the checks so that the sender is only verified IF 
>>> they're sending to a real recipient on our end. As soon as that comes 
>>> out, we'll implement that.
>>>
>>
>> Does anyone know how greylisting affects milter-sav? What happens when 
>> I send an email to you and you attempt to verify me, and I greylist 
>> your attempt? You surely don't try to hold my delivery connection for 
>> 5 minutes waiting to try again do you?
>>
>> If you refuse the delivery, I'll try again later and the whole cycle 
>> would begin anew because without a successful connection within a 
>> specified time, you will never get make it into my whitelist correct?
>>
>> DAve
>>
> 


-- 
Three years now I've asked Google why they don't have a
logo change for Memorial Day. Why do they choose to do logos
for other non-international holidays, but nothing for
Veterans?

Maybe they forgot who made that choice possible.

More information about the MailScanner mailing list