Spam reduction with greylisting

Posted Oct 13, 2016 10:58 UTC (Thu) by mina86 (guest, #68442)
In reply to: Spam reduction with greylisting by matthias
Parent article: Spam reduction with greylisting

I was just gonna say that for proper analysis, some of the messages blocked by gray-listing should be let through to be able to see false-positives.

Spam reduction with greylisting

Posted Oct 13, 2016 11:05 UTC (Thu) by matthias (subscriber, #94967) [Link] (2 responses)

By the nature of greylisting, this is impossible. If you let a message through, you cannot know whether it would have been blocked, because you do not know whether the sending mailserver would retry to send the message if it would have been rejected with the message: "Message delivery temporarily not possible. Please Retry."

Spam reduction with greylisting

Posted Oct 13, 2016 12:22 UTC (Thu) by mina86 (guest, #68442) [Link] (1 responses)

If you gray-list after receiving the full message you will have its content to analyse and can wait for retry from the server with, say, a week time-out.

Spam reduction with greylisting

Posted Oct 13, 2016 12:33 UTC (Thu) by farnz (subscriber, #17727) [Link]

And note that you can restrict yourself to the decisions you could make before DATA, so that you've got the full content plus no modification to behaviour (hopefully) from the greylisting.

This breaks down if anyone's SMTP implementation does something weird like tie the message to a server once it's done internal → RFC-compliant conversion, though.