[Top] [All Lists]

Re: greylisting done at end of headers, or end of daya (QUIT) ?

2007-01-31 18:04:16

Hector Santos wrote:
I don't see any evidence of that; what I'm seeing now
is the zombies will slam the same identical message at you three or four
huh?  Thats is exactly what GL is suppose to stop.

It stops the first one. It lets the next three right through.

The whole trick to GL is how good is your whitelist system, including auto-whitelisting ideas, i.e. When you send email to someone you know, your GL system should auto-whitelist these people because a possible reply from these people might occur. No need to greylist them.

Let's say I just bought some software; the vendor is about to E-mail me the license key. Or: I just registered at my health insurance company, and they're sending me a confirmation code via E-mail that I must have for access to my medical records. How am I supposed to white list those? Even if I can guess what domain they're sending from, it's still a manual process.

The final straw was a small software vendor who had outsourced their license key generation, and the key generator's SMTP client didn't grok 4xx errors and disabled my account. I had to badger them for several days to get the stupid key.

Bottom line for me is gray listing turned out to be one of the many "clever" techniques that slowed the spam down for a little while, but eventually proved to be more nuisance than help.