Steffen Kaiser wrote: > Hence, you (or "one") have to trust the Whitelist DB more than you need > to trust a Blacklist DB.
I don't really see much of a problem in this case. If someone's going to take the trouble to poison a whitelist of hosts that shouldn't be greylisted, wouldn't it be easier just to get said hosts to retry transmission? Then they would pass the hurdle even if people don't subscribe to the whitelist. What would be useful is when a host IP comes in to be submitted for the whitelist, wait for 24 hours. Then, only if it is *not* on a trustworth DNSRBL (like Spamhaus, etc.) add it to the whitelist. Regards, David. _______________________________________________ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
