Milter-greylist

On Fri, Mar 11, 2005 at 01:02:42PM -0500, Uriel Wittenberg wrote:
> Why don't ISP's use real-time black lists *retroactively* to eliminate 
> ------------------------------------------
> NOON: Spam item Z from spammer X to spammee Y arrives at Y's mail server. X 
> is NOT on blacklist.
> 
> 1:00 PM: X's address appears on blacklist; Y has not yet read his email (so 
> has not yet retrieved item Z).
> ------------------------------------------
> 
> ... why not delete spam item Z at 1:00 PM?

Interesting idea, but
1) black lists are not reliable
2) your idea woks only if the mail is hold on the mail server. What if it
has been forwarded to another machine?
3) deleting mail is dangerous. greylisting never deletes, it refuses. That
makes a difference: is the mail is lost, it's because the sender is 
misconfigured.

In fact your idea could be used at the MUA level: there are bayesian filters
that attempt to classify spam, the MUA could also use DNSRBL as a hint
that a message is spam.

-- 
Emmanuel Dreyfus
manu@...