Re: [exim] Greylisting algorithms after end of DATA

Top Page
Delete this message
Reply to this message
Author: Renaud Allard
Date:  
To: Mike Cardwell
CC: exim-users
Subject: Re: [exim] Greylisting algorithms after end of DATA


Mike Cardwell wrote:

>
> If a host passes greylisting, I don't bother applying it to any other
> connection from that host regardless of the sender/recipient, as it's
> already "proved" to retry. If a connection passes the greylisting, it's
> remembered for 60 days. If it doesn't retry within 24 hours, it has
> failed. All retries within the first 3 minutes since the initial attempt
> are defered.


Some hosts acts as gateways with NAT and mail relaying. The mail relay
will probably retry each time. But infected windows zombies behind the
gateway won't all the time. I find it pretty useful to greylist for each
triplet (IP/from/to) as it has proven to block zombies behind gateways,
and not the legitimate mails.