On Mon, 3 Dec 2012 07:23:59 -0800
Gary Funck wrote:
> Since this is a Spam Assassin list: Is there a way of disabling
> grey listing, but still receiving some benefit from the principle
> that mail received from a first time or infrequent sender should
> be looked upon with some suspicion?
Person
On Mon, 2012-12-03 at 07:23 -0800, Gary Funck wrote:
> Since this is a Spam Assassin list: Is there a way of disabling
> grey listing, but still receiving some benefit from the principle
> that mail received from a first time or infrequent sender should
> be looked upon with some suspicion?
>
Yes.
>> We greylist after the end of DATA. This wastes bandwidth, but lets us
>> use the Subject: line as an additional mix in the greylisting tuple.
>> This catches ratware that retries in the face of greylisting, but
>> mutates the subject line with each retry.
> We use grey listing on our low volum
On 11/29/12 14:46:25, David F. Skoll wrote:
> We greylist after the end of DATA. This wastes bandwidth, but lets us
> use the Subject: line as an additional mix in the greylisting tuple.
> This catches ratware that retries in the face of greylisting, but
> mutates the subject line with each retry.
On 11/29/2012 18:54, David F. Skoll wrote:
[My gut instinct says that a reasonable greylisting interval is too
short for most DNSBLs to react. Pyzor/Razor/DCC may be somewhat more
adept at reacting quickly.]
Something trap-driven like NIX is a candidate. No, it's not safe enough
to reject bas
On 11/29/2012 17:37, John Levine wrote:
Does greylisting increase chances of bulk detectors (razor/pyzor/dcc) in
case of "yahoo like" spam sources?
No. A remarkable fraction of ratware still doesn't bother to retry,
so the most simple minded greylister will deter them. That's why it's
useful.
On Thu, 29 Nov 2012 18:01:38 -0800 (PST)
John Hardin wrote:
> It's not so much the host being blacklisted, as a checksum of the
> spam being published by pyzor et. al., or for spamvertised websites
> in the spam being published by URIBLs, so that when the sender tries
> again the score for that m
On Thu, 30 Nov 2012, John Levine wrote:
Does greylisting increase chances of bulk detectors (razor/pyzor/dcc) in
case of "yahoo like" spam sources?
No. A remarkable fraction of ratware still doesn't bother to retry,
so the most simple minded greylister will deter them. That's why it's
useful
>Does greylisting increase chances of bulk detectors (razor/pyzor/dcc) in
>case of "yahoo like" spam sources?
No. A remarkable fraction of ratware still doesn't bother to retry,
so the most simple minded greylister will deter them. That's why it's
useful. I've never seen any support for the the
On Thu, 29 Nov 2012 22:47:45 +0100
Axb wrote:
> boxes:
About 50 000
> rcpt domains:
About 2000
> rcpt users:
Lots. I don't have an exact figure.
> you guys are sending through greylisting.
This is on our machines. Our larger customers have significantly
higher numbers.
Regards,
David.
On Thu, 29 Nov 2012, David F. Skoll wrote:
On Thu, 29 Nov 2012 21:27:19 +0100
"Andrzej A. Filip" wrote:
Do you treat "yahoo like" spam sources in the same way?
With respect to greylisting, of course. If a machine passes greylisting
once, it's extremely likely to pass it in future and it's
Just wondering how many
boxes:
rcpt domains:
rcpt users:
you guys are sending through greylisting.
Axb
>> I've never had any
>> complaints about delivery speed, but some senders have broken mail
>> servers that don't retry on receiving a temporary failure.
>
> Many such servers use broken SMTP implementations that can't handle
> a 4xx code in response to RCPT properly.
>
> We greylist after the end
On Thu, 29 Nov 2012 21:59:45 +0100
"Andrzej A. Filip" wrote:
> Does greylisting increase chances of bulk detectors (razor/pyzor/dcc)
> in case of "yahoo like" spam sources?
> [ based on your experience ]
I suppose it might, but I don't use razor, pyzor, dcc or anything similar
so I have no perso
On 11/29/2012 09:53 PM, David F. Skoll wrote:
> On Thu, 29 Nov 2012 21:27:19 +0100
> "Andrzej A. Filip" wrote:
>
>> Do you treat "yahoo like" spam sources in the same way?
> With respect to greylisting, of course. If a machine passes greylisting once,
> it's extremely likely to pass it in future
On Thu, 29 Nov 2012 21:27:19 +0100
"Andrzej A. Filip" wrote:
> Do you treat "yahoo like" spam sources in the same way?
With respect to greylisting, of course. If a machine passes greylisting once,
it's extremely likely to pass it in future and it's an utter waste of
time to greylist it.
Regard
On 11/29/2012 09:31 PM, Dave Warren wrote:
> On 11/29/2012 12:27, Andrzej A. Filip wrote:
>> On 11/29/2012 08:46 PM, David F. Skoll wrote:
>>> [...]
>>> Also, once a given IP passes greylisting, we remember that and we don't
>>> greylist that server for 40 days. If you have a large-enough user
>>>
Am 29.11.2012 20:46, schrieb David F. Skoll:
> On Thu, 29 Nov 2012 14:36:45 -0500
> vec...@vectro.org wrote:
>
>> I've never had any
>> complaints about delivery speed, but some senders have broken mail
>> servers that don't retry on receiving a temporary failure.
>
> Many such servers use broken
On 11/29/2012 12:27, Andrzej A. Filip wrote:
On 11/29/2012 08:46 PM, David F. Skoll wrote:
[...]
Also, once a given IP passes greylisting, we remember that and we don't
greylist that server for 40 days. If you have a large-enough user population,
this can greatly mitigate the problems caused by
On 11/29/2012 08:46 PM, David F. Skoll wrote:
> [...]
> Also, once a given IP passes greylisting, we remember that and we don't
> greylist that server for 40 days. If you have a large-enough user population,
> this can greatly mitigate the problems caused by initial greylisting delays.
Do you trea
On Thu, 29 Nov 2012 14:36:45 -0500
vec...@vectro.org wrote:
> I've never had any
> complaints about delivery speed, but some senders have broken mail
> servers that don't retry on receiving a temporary failure.
Many such servers use broken SMTP implementations that can't handle
a 4xx code in resp
21 matches
Mail list logo
