Re: [spamdyke-users] Is there a way to populate thegraylistdatabase WITHOUT effectively doing graylisting
That will populate the database for all email. Including spammers. Any spammers who send messages during the period in which the database is being populated will get a free pass, even after greylisting is activated. Perhaps you can live with that. That will populate the database with all the addresses who send email to my users. Just like the graylisting do, no more no less. The entry will survive _as_long_as_it_will_with_graylisting_fully_enabled_, NO MORE and no less. It will NOT whitelist the address. After graylisting been enabled, It won't block addresses already on the database AND that its time is lesser than graylist-max-secs. No more and no less. smime.p7s Description: S/MIME cryptographic signature ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] Is there a way to populate thegraylistdatabase WITHOUT effectively doing graylisting
David Sánchez Martín wrote: That will populate the database for all email. Including spammers. Any spammers who send messages during the period in which the database is being populated will get a free pass, even after greylisting is activated. Perhaps you can live with that. That will populate the database with all the addresses who send email to my users. Including spam. Just like the graylisting do, no more no less. The entry will survive _as_long_as_it_will_with_graylisting_fully_enabled_, NO MORE and no less. It will NOT whitelist the address. Right, but some spammers will be passing the greylist. After graylisting been enabled, It won't block addresses already on the database AND that its time is lesser than graylist-max-secs. No more and no less. About graylist-max-secs (from the doc): NOTE: A graylist entry's expiration date is reset each time a message passes the filter. If the maximum age is 2 weeks and the sender sends a message every day, their entry will never expire because it is continually reset. Given that your primary objective seems to be to eliminate any delays from existing emailers, I suppose this would work for you. Spammers who hit sporadically will eventually expire. I just intend to point out that persistent spammers who send more often than graylist-max-secs will continue to pass. Again, this might be livable. I've no idea how persistent spam generally is. -- -Eric 'shubes' ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] Is there a way to populate thegraylistdatabase WITHOUT effectively doing graylisting
Given that your primary objective seems to be to eliminate any delays from existing emailers, I suppose this would work for you. Spammers who hit sporadically will eventually expire. I just intend to point out that persistent spammers who send more often than graylist-max-secs will continue to pass. Again, this might be livable. I've no idea how persistent spam generally is. That's correct, and it's true for the whole graylisting process. There's no difference, to this extend, of enabling it in full at the very beginning or not. Persistent spammers will hit, in any case, but that wasn't what I was trying to solve (as you said, this is something I should consider if it's acceptable or not, but this is another matter, graylisting is what it is, you can take it or leave it as is). Best regards :-) --- David Sanchez Martin Administrador de Sistemas dsanc...@e2000.es GPG Key ID: 0x37E7AC1F E2000 Nuevas Tecnologías Tel : +34 902 830500 smime.p7s Description: S/MIME cryptographic signature ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] Is there a way to populate thegraylistdatabase WITHOUT effectively doing graylisting
Thanks, David. The light just came on. (duh) :) David Sánchez Martín wrote: Given that your primary objective seems to be to eliminate any delays from existing emailers, I suppose this would work for you. Spammers who hit sporadically will eventually expire. I just intend to point out that persistent spammers who send more often than graylist-max-secs will continue to pass. Again, this might be livable. I've no idea how persistent spam generally is. That's correct, and it's true for the whole graylisting process. There's no difference, to this extend, of enabling it in full at the very beginning or not. Persistent spammers will hit, in any case, but that wasn't what I was trying to solve (as you said, this is something I should consider if it's acceptable or not, but this is another matter, graylisting is what it is, you can take it or leave it as is). Best regards :-) --- David Sanchez Martin Administrador de Sistemas dsanc...@e2000.es GPG Key ID: 0x37E7AC1F E2000 Nuevas Tecnologías Tel : +34 902 830500 ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users -- -Eric 'shubes' ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] Is there a way to populate thegraylistdatabase WITHOUT effectively doing graylisting
Hi Michael, So Set it to 1 minute. Certainly your users can wait 1 minute... I think greylisting may loose some of its effectiveness this way... Set it to 10 minutes, don't tell them it's there, and they likely won't even notice. I know, but what I'm trying to do is, IMHO a reasonable approach. See what's happening, populate the database, do some research on the results (may be doing some whitelists with that results) and then do the graylist the way it's thought to be. It's just a matter of prudence. Regards. smime.p7s Description: S/MIME cryptographic signature ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] Is there a way to populate thegraylistdatabase WITHOUT effectively doing graylisting
David, That sounds like a neat idea, but I don't think it'd work. If you simply allow the session to complete and create a greylist entry for everything, you will have effectively whitelisted every incoming message, including the bad ones. Greylisting works because some spammers don't retry when a session fails. If everything passes, you've no way of knowing which ones would or would not have retried. The greylist database would be useless. Let me think about it. If greylisting is enabled as usual: When a foreign user sends a message to a local user is greylisted, then: 1.- It's created an entry in the greylisting database. 2.- It's blocked and each retry is blocked also at least for graylist-min-secs seconds. 3.- No further tests are passed. Session is closed. When graylist-min-secs time passes: 1.- The message passes greylist filter and touches the file. 2.- The message is tested against other filters. Ok, What i'm trying to accomplish: When a user foreign a message to a local then: 1.- The message passes greylist filter and touches the file. 2.- The message is tested against other filters. That will populate the database, that is what i want before putting graylist at work. Sorry, perhaps I'm missing something. Best regards. smime.p7s Description: S/MIME cryptographic signature ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] Is there a way to populate thegraylistdatabase WITHOUT effectively doing graylisting
David Sánchez Martín wrote: David, That sounds like a neat idea, but I don't think it'd work. If you simply allow the session to complete and create a greylist entry for everything, you will have effectively whitelisted every incoming message, including the bad ones. Greylisting works because some spammers don't retry when a session fails. If everything passes, you've no way of knowing which ones would or would not have retried. The greylist database would be useless. Let me think about it. If greylisting is enabled as usual: When a foreign user sends a message to a local user is greylisted, then: 1.- It's created an entry in the greylisting database. 2.- It's blocked and each retry is blocked also at least for graylist-min-secs seconds. 3.- No further tests are passed. Session is closed. When graylist-min-secs time passes: 1.- The message passes greylist filter and touches the file. 2.- The message is tested against other filters. Ok, What i'm trying to accomplish: When a user foreign a message to a local then: 1.- The message passes greylist filter and touches the file. 2.- The message is tested against other filters. That will populate the database, that is what i want before putting graylist at work. Sorry, perhaps I'm missing something. Best regards. That will populate the database for all email. Including spammers. Any spammers who send messages during the period in which the database is being populated will get a free pass, even after greylisting is activated. Perhaps you can live with that. -- -Eric 'shubes' ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] Is there a way to populate thegraylistdatabase WITHOUT effectively doing graylisting
I understand now. Basically, you want to add some addresses to the graylist filter but since you don't know which addresses to use, you're trying to use the graylist filter to collect that information. I have a different idea that will probably work better. Instead of finding a way to partially enable the graylist filter, just leave it turned off for a while. Run spamdyke so that it will log messages about incoming and outgoing email. Then, after a week or two, use the logs to discover which remote addresses are sending to your users and vice-versa. That will give better information anyway, since it will show which addresses your users are sending _to_ and how often. Those are the ones that most likely need to be added to the graylist filter. -- Sam Clippinger David Sánchez Martín wrote: David, That sounds like a neat idea, but I don't think it'd work. If you simply allow the session to complete and create a greylist entry for everything, you will have effectively whitelisted every incoming message, including the bad ones. Greylisting works because some spammers don't retry when a session fails. If everything passes, you've no way of knowing which ones would or would not have retried. The greylist database would be useless. Let me think about it. If greylisting is enabled as usual: When a foreign user sends a message to a local user is greylisted, then: 1.- It's created an entry in the greylisting database. 2.- It's blocked and each retry is blocked also at least for graylist-min-secs seconds. 3.- No further tests are passed. Session is closed. When graylist-min-secs time passes: 1.- The message passes greylist filter and touches the file. 2.- The message is tested against other filters. Ok, What i'm trying to accomplish: When a user foreign a message to a local then: 1.- The message passes greylist filter and touches the file. 2.- The message is tested against other filters. That will populate the database, that is what i want before putting graylist at work. Sorry, perhaps I'm missing something. Best regards. ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
Re: [spamdyke-users] Is there a way to populate thegraylistdatabase WITHOUT effectively doing graylisting
I'm agree with Sam solution, that's the way to do a nice database,you can check which domains sends emails to your domain, then add to the graylist file or directory, after two weeks or 4 weeks will be better, then you turn on graylist. Users will see a nice service of mail, server will work better because graylisting it's a cool utility. David pienso que esa es la manera de hacerlo, pero sobre todo no puedes activar el graylisting con tan poco tiempo porque eso no seria graylisting. Revisa cada semana el log y vas añadiendo los distintos dominios de los que recibes email, o los añades al directorio de graylisting o en una lista whitelist para evitar chequeos. Despues de un mes, activas el graylisting y seguro que tus usuarios lo notaran. Pero debes de tener en cuenta que todo no puede ser, o una cosa o la otra, no ambas a la vez porque te va a dar problemas. Por ejemplo yo lo monte con el dominio ibm.com pero resulta que ibm usa subdominios... asi que tienes que tenerlo en cuenta porque un usuario puede recibir correos de es.ibm.com o uk.ibm.com, ie.ibm.com,etc... Suerte 2009/4/24 Sam Clippinger s...@silence.org: I understand now. Basically, you want to add some addresses to the graylist filter but since you don't know which addresses to use, you're trying to use the graylist filter to collect that information. I have a different idea that will probably work better. Instead of finding a way to partially enable the graylist filter, just leave it turned off for a while. Run spamdyke so that it will log messages about incoming and outgoing email. Then, after a week or two, use the logs to discover which remote addresses are sending to your users and vice-versa. That will give better information anyway, since it will show which addresses your users are sending _to_ and how often. Those are the ones that most likely need to be added to the graylist filter. -- Sam Clippinger David Sánchez Martín wrote: David, That sounds like a neat idea, but I don't think it'd work. If you simply allow the session to complete and create a greylist entry for everything, you will have effectively whitelisted every incoming message, including the bad ones. Greylisting works because some spammers don't retry when a session fails. If everything passes, you've no way of knowing which ones would or would not have retried. The greylist database would be useless. Let me think about it. If greylisting is enabled as usual: When a foreign user sends a message to a local user is greylisted, then: 1.- It's created an entry in the greylisting database. 2.- It's blocked and each retry is blocked also at least for graylist-min-secs seconds. 3.- No further tests are passed. Session is closed. When graylist-min-secs time passes: 1.- The message passes greylist filter and touches the file. 2.- The message is tested against other filters. Ok, What i'm trying to accomplish: When a user foreign a message to a local then: 1.- The message passes greylist filter and touches the file. 2.- The message is tested against other filters. That will populate the database, that is what i want before putting graylist at work. Sorry, perhaps I'm missing something. Best regards. ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users ___ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
