site Search:


Home Reviews Tools Forums FAQs Find Service ISP News Maps About  
 
    All Forums Hot Topics Gallery






how-to block ads

  
Forums >

Broadband Tech > Security > Scam and Phishbusters > Postgrey for Postfix MTA out

Search Topic:
 Uniqs:
933		 Share Topic
Posting?
Post a:
Post a:
Links: ·Phish Tracker ·Anti-Phishing Work Group ·Avoid Phishing
AuthorAll Replies


devrandom
I got a pot, full of random stuff here
Premium
join:2003-06-28

Postgrey for Postfix MTA out

From the same guy who created Mailgraph, DWS.. today released on postfix-users his newest tool, Postgrey (Postfix Greylist Policy Server).

Located here for the interested: »isg.ee.ethz.ch/tools/postgrey/

In a nutshell, what Greylisting [def] is supposed to accomplish is basically taking advantage of how mailservers generally follow RFCs, and how sloppy spammers don't.

In the normal process of sending mail you normally have something like this..

User-> Sending MTA -> Recipient MTA -> User

But this is what happens if the Recipient MTA is down for some reason (network outage perhaps) or somehow says "come back later".

User -> Sending MTA -> Can't reach Recipient MTA -> Deferred and holding mail for later

Now, what greylisting depends on is getting unlisted, unknown IPs to resend the mail like any sane RFC compliant (and fault tolerant) MTA would do to establish a kind of "trust relationship".

So right after
User -> Sending MTA -> Can't reach Recipient MTA -> Deferred and holding mail for later

It would go try again..
User -> Sending MTA -> Recipient MTA -> User

and that would work technically.

In the case of a spammer, it would go something like this..

User -> Sending MTA -> Can't reach Recipient MTA -> ???

Of course, you're thinking right now..what if spammers follow the RFC and just send the mail again?

The thing here is that greylisting depends on unknown IPs to say "come back later, I might let you in then," which the advocacy site at that point in time proposes that it'll be caught by spam filters anyway (possibly external filters like Razor).

This in fact is a very "shaky ground" situation, but maybe just an annoyance tool at best in the MTA administrator's arsenal of toys, bats, clubs and ninjas.

I personally won't use it, but just thought it might be nice to bring another tool into the eyes of administrators out there everywhere. Its a nice tool, just maybe not for everybody.

Anybody want to chime in on what they think the usefulness of greylisting will be?
to forum · permalink · 2004-05-20 17:06:49 ·


jester121
Premium
join:2003-08-09
Lake Zurich, IL
Reviews:
·voip.ms

I'd say questionable at best. Anyone whose server sends to hotmail knows how overloaded their SMTP servers get; I frequently see messages sit in queue for a couple hours before they get sent without timing out.

And based on the amount of junk that shows up in my hotmail account, even with their blocking efforts, I'd question whether or not this is worth the effort.

to forum · permalink · 2004-05-20 17:31:46 ·
Forums > Broadband Tech > Security > Scam and Phishbusters

Friday, 10-Feb 01:16:30 Terms of Use & Privacy | feedback | contact | Hosting by nac.net - DSL,Hosting & Co-lo
over 12.5 years online! © 1999-2012 dslreports.com.
Most commented news this week
Hot Topics