[SA-exim] greylisting and MXes

Marc MERLIN marc at merlins.org
Fri Jun 4 11:24:23 PDT 2004

Previous message: [SA-exim] Greylisting mails with URLs
Next message: [SA-exim] spamc/spamasssassin deb dependencies
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, May 18, 2004 at 01:58:21PM -0700, Marc MERLIN wrote:
> On Tue, May 18, 2004 at 10:54:25PM +0200, Richard Lithvall wrote:
> > On 2004-05-18 02:38, Marc MERLIN wrote:
> > 
> > > you shouldn't run SA when receiving mail from your secondary MXes
> > 
> > Ofcourse you should, but you may not want to reject any mail from your
> > secondary MXes.
> 
> Sorry, I forgot to say that I was assuming your secondary MX was running
> sa-exim too.
> If all your MXes aren't running sa-exim with grelylisting, then you can't
> really use greylisting (the discussion at hand)

I've fixed README.greylisting in cvs as such:

+GREYLISTING AND MXES
+--------------------
+Depending on your configuration, you may have realized that SA-Exim doesn't
+play very well with secondary MXes for your domain if they don't run SA-Exim
+too (for instance, you'd send a tempreject on spam and clog up your
+secondary, or maybe even teergrube it if you forgot to add your MX's IP
+in the do not teergrube list.
+For greylisting, it's even more simple:
+If your secondary MXes aren't running SA-Exim with greylisting, then
+greylisting's efficiency will be greatly reduced as most spammers will send
+their spams to your secondary MXes which will accept the mail for you,
+even if it's sent only once, and then your MXes will resend the spam to you
+until you accept it (rendering greylisting useless)
+
+Now, if your secondaries are running greylisting too, most mail will flow
+through with no delay whatsoever. However, in the worst case scenario, a mail
+that isn't spam, but triggers greylisting because its score is high enough to
+generate a tempreject, could be delayed up to twice the whitelisting time
+if it were to go to your secondary MX first (assuming your primary is
+unreachable or temporarily overloaded), and then be resent to your primary
+MX, which would trigger a second greylisting delay
+FIXME: implement a whitelist of sending IPs so that greylisting returns
+whitelisted right away

Marc
-- 
"A mouse is a device used to point at the xterm you want to type in" - A.S.R.
Microsoft is to operating systems & security ....
                                      .... what McDonalds is to gourmet cooking
Home page: http://marc.merlins.org/   |   Finger marc_f at merlins.org for PGP key

Previous message: [SA-exim] Greylisting mails with URLs
Next message: [SA-exim] spamc/spamasssassin deb dependencies
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the SA-Exim mailing list