Sendmail: How does one blacklist annoying spammers?

Ed Greshko Ed.Greshko at greshko.com
Sun Jun 27 03:27:15 UTC 2010 

On 06/27/2010 10:42 AM, Greg Woods wrote:
> On Sun, 2010-06-27 at 08:24 +0800, Ed Greshko wrote:
>
>   
>> A well written greylisting milter will utilize a database to maintain a
>> list of sending MTAs that have retried. 
>>     
> Of course. However, many large sites (including ours, which is only
> medium sized) have multiple IP addresses that send out mail, which
> results in the same sender getting greylisted multiple times.
>   
It doesn't take long to accumulate the information on the MTA's of large
organizations that one communicates on a regular basis.  The effects are
very short term.  I lost the data I collected....but I did track how
long it took to stop the delay of inbound traffic from yahoo.  The time
it takes to train is time well spent and need not be done very often.
>   
>>  Additionally, the good milters
>> will have the ability to specify whitelists and blacklists. 
>>     
> Specifying them is one thing, maintaining them is another. Static
> blacklists are useless for the reasons already stated (the sending IP
> addresses of the spammers change too rapidly). White lists could be (and
> are) used, but until someone actually has a problem, you can't know what
> has to be whitelisted. In the several years we have been using
> greylisting, only once have I actually had to whitelist a sender
> (because it was some graduate student in Italy using a homegrown mail
> sender that didn't have retry capability; the scientist here is not
> interested in hearing about how the sender is violating several RFCs )-:
>   
Any good spam reducing efforts take some amount of effort and tracking. 
I've not found too much effort to maintain whitelists since within the
organizations the business related communications were fairly well
defined and understood.  Those organizations didn't have much, if any,
changes in IP addresses of sending MTAs.
> At any rate, the point is that greylisting *does* cause *some* delays. I
> am NOT saying it shouldn't be used, in fact quite the opposite. I *am*
> saying that someone looking to implement greylisting should be aware
> that it will cause some legitimate mail to be delayed.
>
>   
There can and will be delays at times.  Overall, the delays will be
brief (15 min), few, far between and hardly affect established traffic
patterns.  Besides, having greylisting reduces stress on MTAs by cutting
off communication at the earliest stage.

The folks that "complain" about "delays" are also those that set their
POP/IMAP polling intervals to 1min and would love to set it to 1sec if
they were given the option.  I suspect they would have died in the age
of UUCP.


-- 
I want to be so HAPPY, the VEINS in my neck STAND OUT!! 葛斯克 愛德華 /
台北市八德路四段

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 260 bytes
Desc: OpenPGP digital signature
Url : http://lists.fedoraproject.org/pipermail/users/attachments/20100627/f3b9a5ae/attachment.bin

More information about the users mailing list