Milter-greylist

Raul Dias wrote:
>>Yes, the fact that this exists already.. it's the lazyaw option.
>>
>>>From greylist.conf:
>>
>># Uncomment if you want auto-whitelist to work for
>># the IP rather than for the (IP, sender, reciever)
>># tuple.
>>#lazyaw
> 
> 
> 
> Thanks.
> 
> When I read lazyaw, I misunderstood it. I thought that it would only
> check the IP connections before AWLing it.
> 
> Any Cons for using lazyaw?

It does make it slightly easier to spam you.

Say for example a backdoored cable box is randomly sending spam to users in your
domain, all from the same envelope sender, and getting greylisted.

Eventually there's a good chance it will try to send a second spam to the same
user. If lazyaw is off, only that one user looses the greylist for this source.
If lazyaw is on, all future mail from that IP, even ones with different senders
or new recipients, will be accepted.

Basically lazyaw causes the "random chance of duplicate hits" to open the gates
for that IP completely. This isn't a wildly common problem, but it is real.