last AprilMartin Blapp has presented a nice concept at SwiNOG:

instead of greylisting, the SMTP server delays the first OK response to 
HELO/EHLO 
for 30 seconds. That is usually enough for the vast majority of spambots to 
give up.
Also if the client tries to send something before receiving the OK, the 
connection 
is dropped immediately.

Martin implemented this hack in a FreeBSD kernel module. Of course this gives 
more room for performance, but then it binds the solution to a specific OS and 
kernel release. I personally feel there's something wrong if the kernel has to 
deal with an application-level protocol. On the other side, you usually install 
a 
dedicated server just for incoming mail processing.

I think there should be ways to do it outside of kernel, in userland, in a nice 
and efficient way. But I never had the time to dig any deeper :)
The biggest challenge is to keep thousands of open TCP connections in the memory
and still have enough CPU power to process SMTP and deliver the mail. 


cheers,
stan


----- Original Message ----
> From: Gregoire Galland <m...@hispeed.ch>
> To: "swinog@lists.swinog.ch" <swinog@lists.swinog.ch>
> Sent: Mon, October 19, 2009 6:27:25 PM
> Subject: [swinog] Greylisting
> 
> Hi all!
> 
> I was wondering who is using Greylisting in their compangny, and if yes,
> do they receive any complaints from customers about latency or not
> deliverance of mail?
> 
> Thanks for answer
> 
> G.Galland

_______________________________________________
swinog mailing list
swinog@lists.swinog.ch
http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog

Reply via email to