[SA-exim] Greylisting Question

Marc MERLIN marc at merlins.org
Fri Sep 15 07:20:56 PDT 2006

Previous message: [SA-exim] Greylisting Question
Next message: [SA-exim] White listing
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Sep 13, 2006 at 11:35:34AM -0400, Jeff Clark wrote:
> Hi, just a quick question.  I've got greylisting set up using sa-exim.  I
> was under the impression that if a mail comes in that scores below the
> SAtempreject threshold, it gets automatically whitelisted.  This doesn't
> seem to be the case on my set up however.  For example, I recently had a
> mail that scored -2.xxx and I see the following in the appropriate directory
> in /var/spool/sa-exim/tuplets:
> 
> 1158145834
> Status: Greylisted
> Last Message-Id: 4507E922.9060503 at xxxx.xxxx
> Whitelisted Count: 0
> Query Count: 1
> SA Score: -2.16985
> 
> The mail didn't actually get temp rejected of course because the score was
> below sa-exim's SAtempreject( 1 in my case) , but I would expect the status
> in the above tuplet to be "Whitelisted".

Ok, I see how you can get confused a bit, it's not what you expected.

So, first, as you say, the mail did get through, which was the idea.

The SA score does not influence whether a host gets whitelisted. It does
influence whether a mail gets accepted though, as you would ultimately
expected.
If the SA score is too high, however, greylisting is skipped, and that will
help the host not to get whitelisted next time.

If it's lower, setting the tuplet to whitelisted wouldn't really help
because you can't have the greylist module say that a host is whitelisted if
it's the first mail you got from there (otherwise, a low SA score would
further lower the score by pretending that the host was whitelisted).
As for the next mail from them, since now you have a tuplet for that source,
the next tuplet is likely to switch to whitelisted, generating the behaviour
we're looking for.

I know it's not super obvious, but ultimately whitelisting happens
independently from the score, so that whitelisting affects the score, but
the score doesn't affect whitelisting (otherwise you'd have have a feedback
loop)

Marc
-- 
"A mouse is a device used to point at the xterm you want to type in" - A.S.R.
Microsoft is to operating systems & security ....
                                      .... what McDonalds is to gourmet cooking
Home page: http://marc.merlins.org/

Previous message: [SA-exim] Greylisting Question
Next message: [SA-exim] White listing
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the SA-Exim mailing list