-----Original Message-----
From: asrg-bounces(_at_)irtf(_dot_)org
[mailto:asrg-bounces(_at_)irtf(_dot_)org] On Behalf Of Martijn Grooten
Sent: Wednesday, October 19, 2011 8:06 AM
To: Anti-Spam Research Group - IRTF
Subject: Re: [Asrg] Greylisting BCP
Do people apply greylisting post-DATA in practise? Or is this really
only something only performed in labs as it is the only way to
determine whether causes false positives.
I plan to do a survey of popular implementations. If none do, that section can
be dropped. But someone suggested including it in the outline which leads me
to believe that some implementation does.
It is hard to reliably determine how much greylisting helps on a
specific system, i.e. what difference it makes compared to the
hypothetical situation greylisting wasn't used. May be an idea to
include some caution about that.
Presumably a site using it turns it on because it perceives it has a problem,
and notices a positive difference (or they'd turn it off). It's subjective
though, which can make it hard to measure. So sure, a note about this might be
reasonable.
"greylisting is more expensive than not greylisting"
Can you explain this?
Put simply, any new filter has a cost to install, maintain, and operate. For
greylisting there has to be a local store of sources that you've seen that get
to bypass greylisting, so anything not on that list gets caught. That takes
space, I/O, and processing time. So "expensive" in the resources sense.
"special actions to take if the same message is retried before the time
limit expires"
I assume by "message" you mean the (sender, recipient, MTA) triplet?
This might get back to the DATA thing above. I guess some greylisting takes
into account whether or not a specific message is retried, not just the source.
It depends on whether or not I can find one that actually does this.
-MSK
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg