Re: [exim] greylisting question

トップ ページ
このメッセージを削除
このメッセージに返信
著者: Andrew
日付:  
To: Exim User's Mailing List
CC: John W. Baxter
題目: Re: [exim] greylisting question
John W. Baxter wrote:

>On 12/30/2004 2:06, "Marc MERLIN" <marc_news@???> wrote:
>
>
>
>>On Thu, Dec 30, 2004 at 03:27:26PM +1100, Andrew wrote:
>>
>>
>>>Hi Everyone,
>>>
>>>I have a question about how grey-listing handles multiple rcpt's (to a
>>>single address) -
>>>
>>>eg (SMTP transaction)
>>>helo me.me
>>>...
>>>mail from: me@???
>>>....
>>>rcpt to: userx@???
>>>rcpt to: usery@???
>>>rcpt to: userxy@???
>>>
>>>
>>I actually made the choice in my implementation (based on SpamAssassin),
>>to accept the mail if any of the tuplets made with the receipients is
>>whitelisted.
>>Not only does it solve your problem, but I also believe it is the
>>correct thing to do: greylisting isn't about delaying mail no matter
>>what, but to stop spam.
>>If one of the tuplets already received mail, the sending mail server
>>will resend to all the other ones sooner or later, so you might as well
>>accept it now
>>
>>
>>
>Hmmm...that isn't a bad idea. (In our greylisting implementation, the
>recipients before the whitelisted recipient would already have been
>rejected...we could stop checking upon seeing a success fairly easily.)
>
>Your idea is vulnerable to a spammer which doesn't retry, but did happen to
>send a second message whose tuple matches a prior message to at least one of
>your users before the expiration time you use. After a multi-recipient
>message accepted by your rules, you would have tuples for every recipient in
>your database (unless you explicitly avoid doing that).
>
> --John
>
>
>


Thanks for all the feed-back - it answered my questions really well....
I'll try the greylisting in the new year :)

Cheers,
Andrew.