Re: Introducing greylisting on

A short timeout would lessen the annoyance, but even if the timeout is set low, you still have to wait on the mailserver's own resend cycle.

Depending on the service sending the mail in the first place, the mail could be sent from several different machines/IPs, one for each attempt, and any new mail sent from that same specific service can come from a different IP, even if it's the same sender, so it gets bounced again.

On Feb 4, 2006, at 3:46 PM, Kevin Kubasik wrote:

But even if the timeout was set to a minute, you would see an
incredible reduction in spam, and after the first month or so, we
would rarely see delays much beyond the backup that some of the
systems might already experience on a busy day.

-Kevin Kubasik
On 2/4/06, aaron <aaron the-escape org> wrote:
Greylisting is extremely irritating when you are counting on timely
delivery of an email. I personally do not have time to wait X minutes
for every new ip and sender that tries to send me mail.

Tomas Ögren wrote:


While trying to help get mail flowing over at, I noticed that isn't using greylisting.

For those who isn't sure what this is about, read

From what I've seen, some people seem to have something against it. Not
sure what though, since you only get a delay for the -first- mail with a certain triple (sender, recipient, sender ip). The rest is let through
immediately (after an X minute waiting period for the first mail).
If some mail is lost due to greylisting, that mail could have been lost
in regular mail flow as well.

Using greylisting cuts away lots of virus and a large amount of spam as
well. Granted, it does not stop all - but it sure helps.

Examples on how it worked out for me at two systems:

Check the bottom graphs and guess when we started using greylisting.

At those systems, we use (just like at postfix with amavisd
[sa + clam].. Then we added postgrey..

Needed changes in postfix was:
smtpd_restriction_classes = greylist
greylist = check_policy_service inet: = 3600

smtpd_recipient_restriction =
              everything like now, but as last entry before the mail
              is supposed to be accepted
check_recipient_access hash:$config_directory/ access_recipient

access_recipient (new file or so):
# example of exception from greylisting
someuser gnome org  DUNNO
# gl the rest      greylist

If you want to try on a single user first, don't use the domain
catch-all in access_recipient and put a specific recipient there

mneptok said I should mail this here. Flame him etc ;)


Gnome-infrastructure mailing list
Gnome-infrastructure gnome org

Kevin Kubasik

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]