David F. Skoll
dfs at roaringpenguin.com
Thu Dec 15 08:45:15 EST 2005
Steffen Kaiser wrote:
> Hence, you (or "one") have to trust the Whitelist DB more than you need
> to trust a Blacklist DB.
I don't really see much of a problem in this case. If someone's going to
take the trouble to poison a whitelist of hosts that shouldn't be
greylisted, wouldn't it be easier just to get said hosts to retry
transmission? Then they would pass the hurdle even if people don't
subscribe to the whitelist.
What would be useful is when a host IP comes in to be submitted for
the whitelist, wait for 24 hours. Then, only if it is *not* on
a trustworth DNSRBL (like Spamhaus, etc.) add it to the whitelist.
More information about the MIMEDefang