|
The greylist filter is a great tool that can be used to fight spam, as long as SMTP server follow the RFC guidelines. Per RFC, if an SMTP server is unable to deliver an email because the receiving SMTP server rejects the connection attempt with a 4xx error code (which indicates a temporary unavailability), they are supposed to retry the delivery after a few minutes.
Unfortunately some providers, notoriously Yahoo, do not respect the RFC. Instead of having the sending SMTP server retry after a few minutes, they delegate the delivery to another of their outbound SMTP servers on a different subnet. As this new SMTP server will be making its initial connection for the very first time, it will be rejected by the greylist filter. The provider will again not follow RFC requirements, and will pass on for delivery the email to yet another SMTP server. The story then repeats itself continuously, causing huge delays in the delivery of the email, until the email is eventually delivered by an SMTP server that was used in the past (which allows it to pass the greylist filter).
To try avoiding this issue, we are now generating every day a huge whitelist of about 125,000 known trusted IPs. To account for little-used SMTP servers on the same subnets, and to reduce the overall file size, we combined them into about 37,000 class-Cs.
The latest file is available at: http://www.logsat.com/SpamFilter/pub/GreyListAllowed.txt" rel="nofollow - http://www.logsat.com/SpamFilter/pub/GreyListAllowed.txt
to install, you will need to stop SpamFilter, add (not replace) the entries from the above file to your existing \SpamFilter\Domains\GreyListAllowed.txt file, and then restart SpamFilter. Do not worry about adding duplicates - SpamFilter will automatically parse that file upon startup, and remove any duplicates for you.
-------------
Roberto Franceschetti
http://www.logsat.com" rel="nofollow - LogSat Software
http://www.logsat.com/sfi-spam-filter.asp" rel="nofollow - Spam Filter ISP
|