David F. Skoll
dfs at roaringpenguin.com
Thu Dec 15 08:41:13 EST 2005
> Do I understand you correctly that in the CanIT implementation you allow
> all source addresses from a host once one address has cleared
> greylisting from that host?
Yes. We turn off greylisting for a host once one address has cleared it.
(Well, we turn it off for 40 days -- hosts do sometimes change IP
addresses, so you don't want to do that indefinitely.)
> With several of my clients who are small businesses, this would work
> well, as the source servers represent their partners and customers. I
> would think this would be less accurate though when dealing with ISPs
> and the like (hotmail & aol, as you mention).
No, it's perfectly accurate. If a given server retries for one address,
there's a 99.9% chance it will retry for all addresses, so there's
really no point in greylisting it. You don't gain anything, and you
may just annoy the owner of the server in question.
More information about the MIMEDefang