egcrosser <egcrosser@...> wrote:
> 1.
> Submissions that pass SPF check are not greylisted. I think that this
> is wrong. Being SPF-clean does not guarantee that the message is not
> spam. There were even reports in press that there was more SPF-clean
> spam measured than SPF-clean valid mail. What SPF does guarantee is
> that sender domain was not spoofed.
>
> I think that better approach would be to greylist such messages, but
> instead of (sender-IP sender-address recipient-address) tuple use
> (sender-domain sender-address recipient-address) or maybe rather
> (sender-domain recipient-address).
Well, you don't really win anything. IMO spammers using SPF compliant
servers are not such a problem: they have a real server, so their spam
will get through. Our usage of SPF just means it passes through
immediately instead of delayed. I don't see any change to that in your
proposal.
Spammers with real mail servers belong to the black list, IMO. Whether
they use SPF or not does not change much of the problem.
> I find it a very compelling idea to have dynamic greylisting delay,
> per sender IP (or sender domain for SPF-verified submissions), growing
> if there are many submissions for non-existent users from the IP.
> This would be kinda simple reputation system.
That's an interesting idea. Don't you fear you could give higher and
higher scores to ISP mail servers? Those are regularly used to relay
spam by their own customers. Usually this is punished as soon as you
send an abuse, but another customer will do it again soon.
> 3.
> Now and then, I get this pair of messages in the log:
>
> Dec 9 00:19:28 auhost sm-mta[14836]: iB8LJHFq014836: Milter
> (milter-greylist):
> timeout before data read
> Dec 9 00:19:28 auhost sm-mta[14836]: iB8LJHFq014836: Milter
> (milter-greylist):
> to error state
>
> (and sendmail returns "451 4.3.2 Please try again later" because I
> configured the filter as "F=T").
milter-greylist timed out answering. If you use SPF, that's probably the
DNS request that caused it. Raise the timeout delay in sendmail.cf.
> Also, from time to time, there is a message:
>
> Dec 9 00:41:07 auhost milter-greylist: smfi_getsymval failed for
> {if_addr}
>
> in the log.
>
> Any comments?
Mail coming from localhost?
--
Emmanuel Dreyfus
There are 10 kinds of people in the world: those who understand
binary and those who don't.
manu@...
Re: [milter-greylist] A few new user's thoughts
2004-12-09 by manu@netbsd.org
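
Added example, not part of the original message and not milter-greylist code: a sketch of the two ideas discussed in the thread, keying the greylist on the sender domain when SPF passes and growing the delay with submissions to non-existent users. The delay cap and the decaying penalty are assumptions added here as one way to bound the effect on shared ISP relays; all names, constants and addresses are hypothetical or constructed.

```python
# Illustrative sketch; constants and names are hypothetical, not milter-greylist's.
BASE_DELAY = 300         # seconds every new triplet waits
STEP = 300               # extra seconds per unknown-recipient submission
MAX_DELAY = 4 * 3600     # assumption: cap so a shared relay is never delayed without bound
HALF_LIFE = 24 * 3600    # assumption: the penalty halves every day


def reputation_key(ip, sender, spf_pass):
    """Sender domain when SPF verified it, sender IP otherwise."""
    if spf_pass and "@" in sender:
        return "domain:" + sender.rsplit("@", 1)[1].lower()
    return "ip:" + ip


class DynamicGreylist:
    def __init__(self):
        self.hits = {}        # reputation key -> (decayed hit count, last update time)
        self.first_seen = {}  # (key, sender, recipient) -> time of first attempt

    def _decayed(self, key, now):
        count, then = self.hits.get(key, (0.0, now))
        return count * 0.5 ** ((now - then) / HALF_LIFE)

    def unknown_recipient(self, ip, sender, spf_pass, now):
        """Record one submission addressed to a non-existent local user."""
        key = reputation_key(ip, sender, spf_pass)
        self.hits[key] = (self._decayed(key, now) + 1.0, now)

    def delay(self, key, now):
        return min(MAX_DELAY, BASE_DELAY + STEP * self._decayed(key, now))

    def check(self, ip, sender, rcpt, spf_pass, now):
        """Return 'accept' or 'tempfail' for one RCPT at time `now` (seconds)."""
        key = reputation_key(ip, sender, spf_pass)
        triplet = (key, sender.lower(), rcpt.lower())
        first = self.first_seen.setdefault(triplet, now)
        return "accept" if now - first >= self.delay(key, now) else "tempfail"


if __name__ == "__main__":
    gl = DynamicGreylist()
    # Constructed traffic: 192.0.2.9 hits three non-existent users, then a real one.
    for _ in range(3):
        gl.unknown_recipient("192.0.2.9", "x@spam.example", False, now=0)
    for t in (0, 600, 1200):
        print(t, gl.check("192.0.2.9", "x@spam.example", "user@local.example", False, t))
```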