Graylist settings |
Post Reply 
|
| Author | |
kspare 
Senior Member 
Joined: 26 January 2005 Location: Canada Status: Offline Points: 334 |
 Post Options
 Thanks(0)
 Quote Reply
 Topic: Graylist settingsPosted: 17 January 2008 at 10:34am |
|
I'm trying out 540, 1, 7 today.
Theory is that a new server will be force to take two tries, if they try in 5 minute intervals. They have 1 hour to complete the retry otherwise they are off the limbo. Once they do make it in, they are in the cache for 7 days and we start over again. I've decided to try tightening security on greylisting as opposed to the other methods because of the accuracy that can be attained here. previous I was using dan's settings and reduced our database from 280,000 spam down to 13,000. Maybe this can make it better, maybe not, i'll know in a few days! I just thought i'd share my settings and theory and see if anyone else has some others. |
|
 |
|
|
Desperado
Senior Member
Joined: 27 January 2005 Location: United States Status: Offline Points: 1143 |
Post Options
Thanks(0)
Quote Reply
Posted: 17 January 2008 at 11:13am |
|
Kevin,
I have a potential issue with the 1 hour setting ... one of our mail servers (we have several servers running several MTA's) has a queue flush period of 2 hours and the queue is so huge that it takes all of the 2 hours to do a flush which is why it is a long as it is. Also, we see many servers with a 4 hour cycle. This means that mail would *never* get delivered. This is why I chose 8.
The 540 setting seem safe to me. I think Yahoo is actually around 600
The 7 Day ... may cause delays more often BUT ... I actuall have my backup server set to 2 days! I have reduced my Primary server from my 30 days to 20 days. mostly to cut the list down but also to see if I can reduce the network probing even more. Next shot is 10 days so thai I am heading in your direction on that one!
|
|
|
The Desperado
Dan Seligmann. Work: http://www.mags.net Personal: http://www.desperado.com |
|
|
|
|
kspare
Senior Member
Joined: 26 January 2005 Location: Canada Status: Offline Points: 334 |
Post Options
Thanks(0)
Quote Reply
Posted: 17 January 2008 at 1:00pm |
|
don't most servers wait 5 then 5 then 15 then 3 or 4 hours? In my mind a typical server will try once, and wait 5 minutes to try again, and then try again in 5 minutes. That kinda the norm. However i'm doing this as a test to see if it's anymore effective. So far I don't really think it is, I may move back to a 4 minute and 45 second rule and leave it for 8 hours.
so 285 8 7 is kinda what i'm leaning towards now. or even 260 8 7, I dunno. |
|
|
|
|
Desperado
Senior Member
Joined: 27 January 2005 Location: United States Status: Offline Points: 1143 |
Post Options
Thanks(0)
Quote Reply
Posted: 17 January 2008 at 1:25pm |
|
Well, I looked into 7 mail servers. 3 managed by me and 4 by 4 other guys.
Primary Sendmail: Every 30 Minutes for 2 Days
QMail: Every 4 hours for 4 days
Kerio1: Every 30 Minutes for 3 days
Kerio2: Every 2 Hours for 3 days
Exchange1: 1st 15 Min; 2nd 30 Min; 3rd 60 Min; all others 240 Min for a total of 2 Days
Exchange2: Every 15 minutes for 1 Day
Sendmail2: Every 4 hours for 5 days
As can be seen, it is all over the park. |
|
|
The Desperado
Dan Seligmann. Work: http://www.mags.net Personal: http://www.desperado.com |
|
|
|
|
kspare
Senior Member
Joined: 26 January 2005 Location: Canada Status: Offline Points: 334 |
Post Options
Thanks(0)
Quote Reply
Posted: 17 January 2008 at 1:29pm |
|
hmmm, maybe the first time until you can send again should be set to 14 minutes maybe? I'm more concerned I think with the delay of email more than anything, mind you if you set it to 30 minutes and maybe kept the list for 14 days instead it's not that intrusive....
so maybe 1800 8 14 would be a good setting? |
|
|
|
|
Desperado
Senior Member
Joined: 27 January 2005 Location: United States Status: Offline Points: 1143 |
Post Options
Thanks(0)
Quote Reply
Posted: 17 January 2008 at 1:44pm |
|
Kevin,
The problem is that many mail programs do not retry just one message ... it is a full queue flush or nothing at all and if the queue is large, it takes way longer than a few minutes to complete ... like hours. So, when Yahoo greylists messages leaving our older Sendmail box ... the delay is rather long. This has the effect of making the queue even larger which was my original complaint about greylisting. It all seems to hang together though.
|
|
|
The Desperado
Dan Seligmann. Work: http://www.mags.net Personal: http://www.desperado.com |
|
|
|
|
kspare
Senior Member
Joined: 26 January 2005 Location: Canada Status: Offline Points: 334 |
Post Options
Thanks(0)
Quote Reply
Posted: 17 January 2008 at 1:47pm |
|
So what do you figure it optimal then?
|
|
|
|
|
Desperado
Senior Member
Joined: 27 January 2005 Location: United States Status: Offline Points: 1143 |
Post Options
Thanks(0)
Quote Reply
Posted: 17 January 2008 at 1:51pm |
|
I do not know if it is optimal but I am using:
GreyListInterval=420
GreyListLimboHold=8 GreyListAllowedHold=20 As I said, the "20" number may go down some. I have 700K IPs in my list.
|
|
|
The Desperado
Dan Seligmann. Work: http://www.mags.net Personal: http://www.desperado.com |
|
|
|
Topic Options|
Post Reply
|
|
Tweet
|
| Forum Jump | Forum Permissions You cannot post new topics in this forum You cannot reply to topics in this forum You cannot delete your posts in this forum You cannot edit your posts in this forum You cannot create polls in this forum You cannot vote in polls in this forum |
This page was generated in 0.152 seconds.