Brian Leyton wrote:
I think it might require a bit of prep work to make this a bit less noticeable. The recommendation of building a whitelist ahead of time looks like a very good idea, particularly for the main companies that we correspond with. How would you recommend going about this? I'm thinking that if I parse my logs for a week or two, I could come up with a list of IP addresses for various servers we'd want to whitelist - would you list just that server, or the whole /24?
Actually, you may just be able to use the greylist code. In my case, I put the greylist code into production but commented out the actual tempfail call. I let it run like that for about 2 weeks, during which time it is building up entries in mysql. After the two weeks, I put the tempfail call into place, but all of my customer's main email partners had already cleared the greylist during the 2 weeks. This won't produce a true whitelist, but it will dramatically reduce the impact when you turn greylisting on.
Charles _______________________________________________ NOTE: If there is a disclaimer or other legal boilerplate in the above message, it is NULL AND VOID. You may ignore it. Visit http://www.mimedefang.org and http://www.roaringpenguin.com MIMEDefang mailing list MIMEDefang@lists.roaringpenguin.com http://lists.roaringpenguin.com/mailman/listinfo/mimedefang