next »

[italait]

CT have just sent out notifications that some of the shared email servers will have Greylisting enabled on Monday 16th April.  Greylisting will be of great benefit to CT users.  Users can read up on Greylisting here.

In their notification, CT stated that “greylisting will be turned ON by default on our shared mail servers”, and that “It can be turned off at the domain or individual level”.

Users are going to have a number of questions regarding Greylisting and its implementation here at CT.

The first question I have is about whitelisting.  The article states that there are a number of web services (some quite well know, eg. Southwest Airlines, Amazon, Google, and AOL to name a few) who do NOT play nice with greylisting, meaning that they will NOT retry if the first attempt fails.

It is important to automatically whitelist as many reputable SMTP hosts as possible to limit the amount of mail that is delayed (or stopped completely) by greylisting.

The knowledgebase article suggests that each of us may be responsible for maintaining our own whitelist (trusted senders).

Can CT please let us know if they will maintain a global whitelist of reputable SMTP hosts, or if each CT customer will have to maintain such a list for each of their domains?

[TMackie [CT]]

CT have just sent out notifications that some of the shared email servers will have Greylisting enabled on Monday 16th April.  Greylisting will be of great benefit to CT users.  Users can read up on Greylisting here.

In their notification, CT stated that “greylisting will be turned ON by default on our shared mail servers”, and that “It can be turned off at the domain or individual level”.

Users are going to have a number of questions regarding Greylisting and its implementation here at CT.

The first question I have is about whitelisting.  The article states that there are a number of web services (some quite well know, eg. Southwest Airlines, Amazon, Google, and AOL to name a few) who do NOT play nice with greylisting, meaning that they will NOT retry if the first attempt fails.

It is important to automatically whitelist as many reputable SMTP hosts as possible to limit the amount of mail that is delayed (or stopped completely) by greylisting.

The knowledgebase article suggests that each of us may be responsible for maintaining our own whitelist (trusted senders).

Can CT please let us know if they will maintain a global whitelist of reputable SMTP hosts, or if each CT customer will have to maintain such a list for each of their domains?

Not to take away from the other great questions you have, I just wanted to let you know that the whitelist on http://www.greylisting.org/ has not been updated since 2004 and the source that they pull it from has been broke since summer of last year. Out of the 20 or so they have on there list we have seen at least half of them work in test. After yahoo.com implimented greylisting in 2005 email standards changed for alot of compaines.

[Corobori]

I just wanted to let you know that the whitelist on http://www.greylisting.org/ has not been updated since 2004 and the source that they pull it from has been broke since summer of last year. Out of the 20 or so they have on there list we have seen at least half of them work in test. After yahoo.com implimented greylisting in 2005 email standards changed for alot of compaines.

I am not sure how I should by reading your post. Should it be: "Great yahoo.com is using it so it must work", or "How come are we going to have a tool based on something not updated since 2004 and where one company went broke" ? 

Reading how Greylisting work it sounds great, although I am feeling a bit nervous about it. I've got another question: what's the relation between the Greylisting you guys are going to use and the website www.greylisting.org ? Reading http://www.greylisting.org/about.shtml made me ... worried.

[Derek [CT]]

I think the greylisting.org site is simply a reference site, and the owner isn't the developer or instigator for greylisting - he's just providing a service for informing about greylisting.

As for Tom's response, the list that is referenced in ITALAIT's post was last updated over a year ago, so there is a very real possibility that it is no longer valid. Of course, I am the last person to try and put words into someone's mouth, so I may be way off base (posting this from home, too, which is also bad as I didn't talk to Tom before posting).

[loco007]

i really dont get greylisting all that much. Spammers seem to be pretty hardcore folk, wont they just start sending messages twice?

[Corobori]

i really dont get greylisting all that much. Spammers seem to be pretty hardcore folk, wont they just start sending messages twice?

Of course at some stage they will, when greylisting will be more widely used. But then I guess we'll have some other washing powder washing more white than white 

[italait]

Not to take away from the other great questions you have, I just wanted to let you know that the whitelist on http://www.greylisting.org/ has not been updated since 2004 and the source that they pull it from has been broke since summer of last year. Out of the 20 or so they have on there list we have seen at least half of them work in test. After yahoo.com implimented greylisting in 2005 email standards changed for alot of compaines.

Tom,

Thank for the update.

The question then remains,
Do CT have a current list of responsible SMTP hosts that will NOT attempt a retry, or
Do All major players now support greylisting and attempt retries inline with industry standards?

[loco007]

seems to me that its kinda like spf. good in theory, but your gonna lose some emails (but opposite).

[Corobori]

I know you enable and disable Greylisting. Will I be able to know when a message will be trapped by Greylisting ? Will they be tagged as "X-SmarterMail-Spam: Greylisting" ?

[loco007]

o that would be cool if you could see that, guess it would be like a junk email box. I think I would try it if you could see that but my impression was that it just bounced the message completely back to the sender and you never see anything.

[italait]

You will not know if greylisting has bounced an email sent to you, because the CT mail server will have sent the sending mail server a message to try again later.  CT will not have received any message.

However, because the attempt was bounced, the person sending you the message will be informed that the message did not get through.

So far so good, because most mail servers will make more than one attempt to deliver your mail.

The problem only arises with servers that choose not to retry.  The standards for mail delivery require that they should.  So, if CT can maintain a list of reputable smtp servers that refuse to retry then these can be exempted from greylisting and we should not have any problems, other than a few minor delays in delivery.

[Ben Amada]

With greylisting turned on, does that mean emails coming from an address or mail server that is not whitelisted will have to be sent twice before appearing in my inbox?

What if the email contains a 5 MB attachment?  Will that be sent twice as well?

If this is the case, besides doubling the traffic on the internet required to receive these emails (with greylisting turned on), won't this put even more strain on CT's mail servers?

Thanks,
Ben

[italait]

With greylisting turned on, does that mean emails coming from an address or mail server that is not whitelisted will have to be sent twice before appearing in my inbox?

What if the email contains a 5 MB attachment?  Will that be sent twice as well?

If this is the case, besides doubling the traffic on the internet required to receive these emails (with greylisting turned on), won't this put even more strain on CT's mail servers?

Thanks,
Ben

An email will only need to be sent twice if there has been no mail previously sent to CT by the sending mail server for a certain period of time (I think).

The message itself or the attachment will not be sent twice, as on the first attempt the protocol will ask the server to retry later BEFORE any messages are sent.

So any extra strain on CT will be minimal.  In fact, it should reduce spam email traffic considerably.

[Jon [CT]]

SmarterMail has a greyListbypass.xml file that have the following contents.

<?xml version="1.0" encoding="utf-8"?>
<GreyListBypass>

  <!-- Source of most of the IP Addresses in this list: puremagic.com -->
 
  <!-- Private Networks -->

  <Address ip="127.0.0.1" />
  <Address ip="192.168.0.0-192.168.255.255" />
  <Address ip="10.0.0.0-10.255.255.255" />
  <Address ip="172.16.0.0-172.31.255.255" />

  <!-- Public Servers -->
 
  <!-- The servers below are trusted, but either will not retry or wait a very long time before retrying -->

  <!-- AOL -->
  <Address ip="64.12.137.0-64.12.138.255" />
  <Address ip="152.163.255.0-152.163.255.255" />
  <Address ip="205.188.139.136" />
  <Address ip="205.188.139.137" />
  <Address ip="205.188.144.207" />
  <Address ip="205.188.144.208" />
  <Address ip="205.188.156.66" />
  <Address ip="205.188.157.0-205.188.157.255" />
  <Address ip="205.188.159.7" />

  <!-- Southwest Airlines -->
  <Address ip="12.5.136.141-12.5.136.144" />
  <Address ip="63.169.44.143" />
  <Address ip="63.169.44.144" />

  <!-- kernel.org mailing lists -->
  <Address ip="12.107.209.244" />

  <!-- SLmail -->
  <Address ip="63.82.37.110" />

  <!-- sentex.ca -->
  <Address ip="64.7.153.18" />
  <Address ip="205.211.164.50" />

  <!-- collab.net -->
  <Address ip="64.125.132.254" />

  <!-- Yahoo Groups -->
  <Address ip="66.94.237.0-66.94.237.255" />
  <Address ip="66.218.66.0-66.218.67.255" />
  <Address ip="66.218.69.0-66.218.69.255" />

  <!-- Groupwise -->
  <Address ip="66.100.210.82" />
  <Address ip="66.162.216.166" />

  <!-- Ebay -->
  <Address ip="66.135.209.0-66.135.209.255" />
  <Address ip="66.135.197.0-66.135.197.255" />

  <!-- Plexor -->
  <Address ip="66.206.22.82-66.206.22.85" />

  <!-- ljbtc.com -->
  <Address ip="66.27.51.218" />

  <!-- Joker.com -->
  <Address ip="194.245.101.88" />

  <!-- Tid Infomail Exchanger -->
  <Address ip="195.235.39.19" />

  <!-- Skynet.be -->
  <Address ip="195.238.2.0-195.238.3.255" />

  <!-- Ameritrade -->
  <Address ip="204.107.120.10" />

  <!-- SecurityFocus.com -->
  <Address ip="205.206.231.0-205.206.231.255" />

  <!-- Prodigy -->
  <Address ip="207.115.63.0-207.115.63.255" />

  <!-- Amazon.com -->
  <Address ip="207.171.168.0-207.171.168.255" />
  <Address ip="207.171.180.0-207.171.180.255" />
  <Address ip="207.171.187.0-207.171.188.255" />
  <Address ip="207.171.190.0-207.171.190.255" />

  <!-- Sourceware.org -->
  <Address ip="209.132.176.174" />

  <!-- optusnet.com.au -->
  <Address ip="211.29.132.0-211.29.132.255" />

  <!-- MySql.com -->
  <Address ip="213.136.52.31" />

  <!-- AXKit mailing list-->
  <Address ip="217.158.50.178" />
 
</GreyListBypass>

[Corobori]

SmarterMail has a greyListbypass.xml file that have the following contents.

Browsing the file make me wonder how I can find if a local SMTP should be added to this list or not ?