[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

greylisting and dynamic host IPs, was: Default MTA for Fedora 7

On Mon, 2007-02-05 at 11:25 +0000, David Woodhouse wrote:

> The point in greylisting is very simple: it's to check that the mail is
> coming from a 'proper' mail server which actually does retry mail when
> you give a temporary rejection. Some people naïvely delay all incoming
> mail (and some outgoing mail too, if they reject at RCPT TO and the
> recipient uses callouts) by greylisting indiscriminately. I prefer mail
> to be fast in the common case, so I like to delay _only_ mail which
> actually looks suspicious in some way, and I prefer _never_ to greylist
> mail from a host (IP address) which was already observed to retry in the
> past.

Note that you should probably only pass at greylisting if an IP is not
from one of the "known" ranges of dynamic IPs.

     Nils Philippsen    /    Red Hat    /    nphilipp redhat com
"Those who would give up Essential Liberty to purchase a little Temporary
 Safety, deserve neither Liberty nor Safety."  --  B. Franklin, 1759
 PGP fingerprint:  C4A8 9474 5C4C ADE3 2B8F  656D 47D8 9B65 6951 3011

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]