[AusNOG] Greylisting in an ISP / Hosting Environment

Trent Lloyd lathiat at bur.st
Mon Apr 27 14:59:40 EST 2009


On 27/04/2009, at 8:48 AM, Nick Brown wrote:

> Morning All,
> I know this is somewhat off topic for the list, but I'm sure the
> collective mind here will be knowledgeable in the issue none the less.

Come from a medium sized hosting ISP (number of domains in the  
thousands) also running greylisting, I'll sum it up short and sweet

  + It does work, massive spam volume reduction (like, half)
  + Using a tuple of (mail_from,rcpt_to,ip)
  + We still run other stuff (RBLs, SpamAssasin, etc)
  + It does cause delays
  + Users do complain
  + So we let them turn it off per-domain, but it defaults to on
  + Some ISPs are particularly bad (we had to whitelist dodo, they  
wouldn't re-send for 3 days.. literally) .. also bigpond but not as bad
  + A much smaller number of MTAs will actually bounce messages on  
these temporary errors .. not that common but it happened "enough" ..  
lots of dodgy third party windows mail servers .. can't remember which  
  + the qmail greylist patch from shupp is dodgy at best .. but it  
does work mostly .. don't corrupt your MyISAM table holding the  
greylist data or you'll just softbounce everyone .. and it doesn't put  
an error in the log (error was duplicate keys on the auto_increment  
column due to corrupt index)
  + I have had some ISPs that retried sending from a different IP  
causing double greylisting .. might work better to actually greylist  
based on a whole /24 or something instead of the exact IP in the tuple.

  + I still don't like it. :) Effective .. but annoying .. I want my e- 
mail now, dammit. It might work a little better combined with some  
other spam system (i.e. identify potential spam sources and greylist  
them .. or something) .. particularly annoying when it runs on the  
domain your support address is on and you are trying to get customers  
emailing you stuff while on the phone .. I ended up using a different  
domain to normal to get customers to send stuff.


More information about the AusNOG mailing list