On 2018-10-30, Chris Narkiewicz <he...@ezaquarii.com> wrote: > Hi, > > I'm configuring spamd and I noticed that when I send an e-mail from > GMail, each time the e-mail is submitted by a different IP address. > > Here is spamdb output after sending a test email to myself: > > GREY|209.85.219.182|mail-yb1-f182.google.com|... > GREY|209.85.219.177|mail-yb1-f177.google.com|... > GREY|209.85.219.176|mail-yb1-f176.google.com|... > GREY|209.85.219.172|mail-yb1-f172.google.com|... > GREY|209.85.219.180|mail-yb1-f180.google.com|... > GREY|209.85.219.175|mail-yb1-f175.google.com|... > GREY|209.85.219.173|mail-yb1-f173.google.com|... > GREY|209.85.219.179|mail-yb1-f179.google.com|... > GREY|209.85.208.46|mail-ed1-f46.google.com|... > GREY|209.85.161.52|mail-yw1-f52.google.com|... > ... snip ... > > Of course they are not whitelisted, as each submission > attempt is done by a different node and I guess google has A LOT of > them. I see 2 issues with that: > > 1) e-mail delivery takes a lot of time (as google uses exponential > backoff and stops frequent retries after few failures) > > 2) whitelisted IPs are more likely being expired, as my server is > not getting a lot of gmail traffic > > I suppose different big e-mail providers will > have similar issues. > > I'm also running BGP server to download a whitelist, > but it does not contain google servers. > > Are there any solutions get around this problem? Ideally I'd like > to just whitelist reputable mail providers as I see little chance > that any spammer will outsmart Google/Yahoo/Microsoft/etc.
Opinions definitely vary, but my 2p: I haven't run spamd myself for years, I got fed up with delayed and lost mails. My opinion is that unless you have a really busy mail system behind spamd you're unlikely to get a good set of hosts kept in the whitelist without a bunch of work. It's not just office365 and gmail (which are a pain but can be mostly dealt with by iterating through SPF records and figuring out the addresses of the outgoing mail servers), it's also "transactional" email. Password resets, email address verification, information about orders, tickets, etc. In the past I've particularly noticed this as a problem on mail sent directly from webservers which are often quite poorly setup, sometimes they haven't retried at all, sometimes they've been on a VERY slow retry schedule. Funnily enough the majority of spam that makes it to my inbox is received forwarded from a box that *is* running spamd. Maybe spamd would stop some junk but I get the impression it's likely to be junk that would be fairly easily blockable by other methods anyway and the pain isn't worth it for me.
