Fedora-List & Greylisting

[Scot L. Harris]

On Wed, 2005-02-23 at 12:53, James Wilkinson wrote:
> David Cary Hart wrote:
> > I condensed the log text. I'm also trying to figure out why the delay
> > varies. Is this traffic based perhaps?
> 
> It wouldn't simply be that the first delay was 30 minutes, and the next
> two e-mails were sent 21 minutes later? So there'd still be about nine
> minutes of the greylist delay left to run?

It is hard to tell with the log entries provided.  But the typical way
greylisting works and the way I have seen milter-greylist in particular
work is that when the first attempt to send a message is tried that
message will be greylisted and you will get the initial message seen. 
They appear to be using the default setting of 30 minutes.  On
subsequent attempts to deliver that particular message you will get
similar messages but the time will be reduced by x amount depending on
how long it has been since the first delivery attempt.  In this case it
looks like there were two attempts in just a few seconds.  And if
multiple messages were sent during that time period the greylisting
system is going to see them as the same tuple (IP address, sender,
recipient) and report back the remaining time in the greylist period.

Once the first message is successfully delivered that tuple (IP address,
sender, recipient) will be auto whitelisted for some period of time.  I
think the default is 3 days or 1 week.  Any new messages sent during
that time will not be delayed but will be accepted on the first attempt.

-- 
Scot L. Harris
webid at cfl.rr.com

Two is not equal to three, even for large values of two.