Re: greylisting done at end of headers, or end of daya (QUIT) ?

Hector Santos wrote:
> > I don't see any evidence of that; what I'm seeing now
> > is the zombies will slam the same identical message at you three or four
> > times. 
> huh?  Thats is exactly what GL is suppose to stop.
It stops the first one. It lets the next three right through.

> The whole trick to GL is how good is your whitelist system, including 
> auto-whitelisting ideas, i.e.  When you send email to someone you 
> know, your GL system should auto-whitelist these people because a 
> possible reply from these people might occur.  No need to greylist them.
Let's say I just bought some software; the vendor is about to E-mail me 
the license key. Or: I just registered at my health insurance company, 
and they're sending me a confirmation code via E-mail that I must have 
for access to my medical records. How am I supposed to white list those? 
Even if I can guess what domain they're sending from, it's still a 
manual process.
The final straw was a small software vendor who had outsourced their 
license key generation, and the key generator's SMTP client didn't grok 
4xx errors and disabled my account. I had to badger them for several 
days to get the stupid key.
Bottom line for me is gray listing turned out to be one of the many 
"clever" techniques that slowed the spam down for a little while, but 
eventually proved to be more nuisance than help.
<csg>