[Top] [All Lists]

Re: greylisting done at end of headers, or end of daya (QUIT) ?

2007-01-31 18:45:47

Carl S. Gutekunst wrote:

Let's say I just bought some software; the vendor is about to E-mail me the license key. Or: I just registered at my health insurance company, and they're sending me a confirmation code via E-mail that I must have for access to my medical records. How am I supposed to white list those? Even if I can guess what domain they're sending from, it's still a manual process.

Good point. What I do is give these special, rare and personal signup processes, a special email address that is only temporary and dedicated for the specific purpose. I also use a special "dump box" where everything is accepted for these type of stuff where I don't want to worry about given them a special address.

This also eliminates the worry about them selling the email address. Regardless if they say they won't, I don't believe them. :-)

The final straw was a small software vendor who had outsourced their license key generation, and the key generator's SMTP client didn't grok 4xx errors and disabled my account. I had to badger them for several days to get the stupid key.

Bottom line for me is gray listing turned out to be one of the many "clever" techniques that slowed the spam down for a little while, but eventually proved to be more nuisance than help.

I can appreciate your point and opinion, but IMV you are talking about highly rare transactions. By far, the BAD outweight the GOOD and that is what most low to mid tier sysops have realized when they isn't really must else to go by these days. Even high tier operations are using Greylisting methods. But no doubt, the low to mid tier (the majority of the internet) is where you are seeing Greylisting growth.

What I tell my sysops is that if you sit there watching this stuff, waiting for the mail, you will increase your doubt wondering whats going on or if the good guy is going to try again, and when. Just let it run and it works. Good Systems are 100% SMTP compliant and will try again. I have YET to see a false positive and if it happen, it was a BADLY operated system - which I'm sure happen, but its RARE.