Re: [exim] Greylistd

Pàgina inicial
Delete this message
Reply to this message
Autor: Ian FREISLICH
Data:  
A: gascione
CC: exim-users
Assumpte: Re: [exim] Greylistd
gascione wrote:
>
> We have started using greylistd for a week now and have seen a dramatic
> drop in accepted SPAM mail. About 95% at last count.
>
> We run a very different config from the default. We greylist for 2
> minutes, delete triplets that don't retry after 2 hours, and delete
> verified retries after 24 hours.


I think deleting untried triplets after 2 hours is a bit agressive
and I've seen zombies retry after 4 minutes. I've seen hosts not
retry for longer than 24 hours as well. These limits are fine for
a home email server, but I think they are inappropriate for a
production environment especially since your greylist doesn't feed
a whitelist.

As an example:
1. At home, I greylist for 15 minutes and delete and blacklist
non-retriers after 24 hours. Retriers get whitelisted, but HELO
morphers get re-greylisted. I'm tempted to increase the temporary
block from 15 minutes to between 30 and an hour for HELO morphers.

2. In our production environment, we greylist for 4 minutes and
remove greylisted entries after 24 hours. Retriers get whitelisted.

Be careful that your greylisting doesn't interfere with SAV callouts
because you will effectively greylist yourself.

Ian

--
Ian Freislich