Greylisting whitelist opinion

Vernon Schryver vjs@calcite.rhyolite.com
Sat Sep 6 21:58:05 UTC 2003


> From: Valentin Chopov <valentin@valcho.net>

> According to dccd man page -
> "If the SMTP client persists past the embargo,
> the triple is added to the database and remains
> familiar for 'white' seconds."
> Does this mean that every time the triple - IP address,
> sender and recipient must be uniq?  I  think that
> the IP address of the SMTP client will be enough for
> this temporary whitelist.

One might also argue that the temporary whitelist entry should
be for the pair of (IP address, sender).

An argument against whitelisting either the IP address or the
pair (IP address, sender) instead of the more restrictive
(IP address, sender, target) is that a given IP address can
send both spam and legitimate mail and that one target using
a single greylist server might want all mail while another might
want strong filtering.

The reason the DCC code does as it does is because I didn't think much
about tags other than the triple.  It did seem to me that if the costs
of greylisting are tolerable at all, they're also tolerable if you
use a triple.

It would be fairly easy to completely replace the triple with just
the IP address or just the pair (IP address, sender).  If that would
be a popular alternative, it would be good to know sooner than later,
because it should be done by changing -G for dccm to require a value.

It would be more difficult to use the triple for the initial embargo
but whitelist by IP address.  However, I see a tolerable way to do it.


Vernon Schryver    vjs@rhyolite.com



More information about the DCC mailing list

Contact vjs@rhyolite.com by mail or use the form.