Henrique de Moraes Holschuh <[EMAIL PROTECTED]> writes: > You can, for example, use dynamic IP supersets to do the greylisting > "triplet" match. Now the problem is a matter of creating the supersets in a > way to not break incoming email from outgoing-SMTP clusters.
Is there a way of doing this which doesn't require you to know in advance the setup of remote networks and such? Does it scale? > You can also only graylist sites which match a set of conditions that flag > them as suspicious. Depending on what conditions you set, you do not have > the risk of blocking any server farms we would want to talk SMTP to. You don't have the risk? Are you saying that there is exactly *zero* risk? Please, if you don't mean that, be more precise. >> So far, all I have seen in response to this particular problem is to >> say that "properly configured" includes an exactly accurate hardcoded >> list of all such sites on the internet. > > Then you are hearing differently now. What ar the "dynamic IP supersets" you speak of, then? >> Another problem is with hosts that do not accept a message from an MTA >> unless that MTA is willing to accept replies. This is a common spam >> prevention measure. The graylisting host cannot then send mail to >> such sites until they've been whitelisted, because when they try the >> reverse connection out, it always gets a 4xx error. I've been bitten > > Why will the host implementing incoming graylisting *always* get a 4xx error > on his outgoing message? I am curious. The other way round. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
