You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@spamassassin.apache.org by Rob McEwen <ro...@powerviewsystems.com> on 2005/03/24 17:11:07 UTC

question about greylisting

I have a question about greylisting.

Does greylisting **always** involve blocking upon receipt of the SMTP
envelope and not accepting the rest of the message?

Or, can greylisting alternatively work where it **does** accept the
**entire** message (for auditing purposes, for example) and THEN returns the
temporary rejection code?

Thanks,

Rob McEwen
PowerView Systems

Re: question about greylisting

Posted by "Eric A. Hall" <eh...@ehsco.com>.

alan premselaar wrote:
> Rob McEwen wrote:
> 
>>I have a question about greylisting.
>>
>>Does greylisting **always** involve blocking upon receipt of the SMTP
>>envelope and not accepting the rest of the message?
>>
>>Or, can greylisting alternatively work where it **does** accept the
>>**entire** message (for auditing purposes, for example) and THEN returns the
>>temporary rejection code?

> however, temporarily rejecting the message after fully receiving it and 
> processing it kind of defeats the purpose of greylisting. (or at least 
> one major purpose of it)

Yeah, it would still require CPU processing, which is one of the
advantages of refusing to accept the mail in the first place. OTOH, it
would still have value in terms of keeping spam away from the end-users,
which is its own reward sometimes.

-- 
Eric A. Hall                                        http://www.ehsco.com/
Internet Core Protocols          http://www.oreilly.com/catalog/coreprot/

Re: question about greylisting

Posted by alan premselaar <al...@12inch.com>.

Rob McEwen wrote:
> I have a question about greylisting.
> 
> Does greylisting **always** involve blocking upon receipt of the SMTP
> envelope and not accepting the rest of the message?
> 
> Or, can greylisting alternatively work where it **does** accept the
> **entire** message (for auditing purposes, for example) and THEN returns the
> temporary rejection code?
> 
> Thanks,
> 
> Rob McEwen
> PowerView Systems
> 
> 

Rob,

  That depends on how you implement it.  Certainly if you're running 
Sendmail, a tool like MIMEDefang would allow you to implement 
greylisting in any manner you saw fit for your installation.

however, temporarily rejecting the message after fully receiving it and 
processing it kind of defeats the purpose of greylisting. (or at least 
one major purpose of it)

hth

alan

RE: question about greylisting

Posted by Bret Miller <br...@wcg.org>.

> I have a question about greylisting.
> 
> Does greylisting **always** involve blocking upon receipt of 
> the SMTP envelope and not accepting the rest of the message?
> 
> Or, can greylisting alternatively work where it **does** accept the
> **entire** message (for auditing purposes, for example) and 
> THEN returns the temporary rejection code?

The concept is generally that you want to reduce the load on your own
server, so you wouldn't want the overhead of receiving the entire message
first. However, in some environments like Merak server where greylisting
isn't implemented in the SMTP protocol handler, I can see it as effective to
receive the entire message, and add delays and/or temporary rejections from
the static filter application. I would think the effect on the sending
server would be the same or even worse than rejection or delay earlier in
the protocol. However, there would be more overhead on your own server too.

Bret