[Top] [All Lists]

Re: RFC3463, 450 reply codes, and 4.7.1 extended codes.

2005-05-09 11:11:54

At 07:58 09-05-2005, John Leslie wrote:
   What is the _benefit_ of telling a spammer you're greylisting him?

Greylisting does not affect spammers only. You are also telling your correspondent why the email delivery temporarily failed.

   My thoughts run along the line of keeping a database by IP address
of sending SMTP client with times of attempts, to check that we're
delaying long enough for IP addresses to get blacklisted. But it's not
clear how long that is; nor is it clear how we decide this _particular_
email has been delayed long enough. I find myself thinking of hashing
MAIL-FROM and RCPT-TO; and this starts looking _very_ unattractive.

That's how greylisting is generally implemented. It can however cause issues if the subsequent delivery attempts are made from different IP addresses. Greylisting works well with the same client/server pair.

My greylististing implementation targets Windows hosts only and uses IP address and helo pairs. The problem is how to handle connections from server farms as they do not always originate from the same /24 for example.

Greylisting is a short term fix. The better question is what to do on a 4.7.1 extended code. MX hosts may have different filtering policies. Should the SMTP client use the same MX host on a 4.7.1 to avoid getting around filtering policies and to play nice with greylisting?