Spam Filter ISP Support Forum

  New Posts New Posts RSS Feed - Grey List By Domain
  FAQ FAQ  Forum Search   Register Register  Login Login

Grey List By Domain

 Post Reply Post Reply
Author
ecarbone View Drop Down
Newbie
Newbie
Avatar

Joined: 11 January 2014
Location: Mexico
Status: Offline
Points: 24
Post Options Post Options   Thanks (0) Thanks(0)   Quote ecarbone Quote  Post ReplyReply Direct Link To This Post Topic: Grey List By Domain
    Posted: 31 October 2014 at 4:05pm
Is it possible to enable or some how control the GreyList feature by Domain? Either sender domain or receiver domain.

We have noticed that many servers are NOT honoring the mail standard for "retries" and when the SpamFilter rejects on first try, the sending server does not retry from the same IP, instead; relays the mail to another server; which in turns tries to connect and gets rejected by SpamFilter (cause is it's first time) and the story goes on and on until a server with an IP already in the "approved" GrayList takes the email and succesfully sends it.

I've already implemented the "Daily GreyList.txt" file that was commented on this post, but still having issues.

That's why I'm trying to see if we can turn on or off by domain, either sender or receiver.

If the latter can't be done, is there a way to know which IP's are not honoring the GreyList mechanism and which domain they were supposed to be representing? In that way we could manually add them to the GreyList.txt file. For example, how to know that IP w.x.y.z was representing yahoo.com and did not came back after the initial Greylist reject.

Regards,

   Enrique.
Enrique
Back to Top
LogSat View Drop Down
Admin Group
Admin Group
Avatar

Joined: 25 January 2005
Location: United States
Status: Offline
Points: 4104
Post Options Post Options   Thanks (0) Thanks(0)   Quote LogSat Quote  Post ReplyReply Direct Link To This Post Posted: 01 November 2014 at 2:31pm
The greylist is used to reject inbound TCP connections to SpamFilter - this occurs immediately, before the SMTP session is established and the sender begins to send the MAIL FROM / RCPT TO commands to specify the sender and the recipient. SpamFilter thus does not know what domain the email is addressed to when using the greylist filter, so it's not possible to customize the greylist filter based on the domains.

While we do not know which provider does not honor the RFC that requires the specific server that made the initial connection to retry, I can provide you with a list of companies/providers that are associated with the IPs listed in the daily greylist file we update at http://www.logsat.com/SpamFilter/pub/GreyListAllowed.txt

The list is quite long, but if you'd like a one-time extract (the list is rather static as these IPs rarely change) please let us know and I can email it to you.
Roberto Franceschetti

LogSat Software

Spam Filter ISP
Back to Top
ecarbone View Drop Down
Newbie
Newbie
Avatar

Joined: 11 January 2014
Location: Mexico
Status: Offline
Points: 24
Post Options Post Options   Thanks (0) Thanks(0)   Quote ecarbone Quote  Post ReplyReply Direct Link To This Post Posted: 14 November 2014 at 3:13pm
Hi Roberto, 
  
   We have struggled to get the set of IPs that we need to include to the "GreyListAllowed", looking at the format it seems that if I type something like

216.82.253.*~47795.0

I'm letting the full Class "C" range to get included, and that happens to be what I need; so please tell me if I'm correct. 

Also, I want to know if I can type something like:

216.82.24*.*~47795.0

meaning that I'm allowing the following ranges:

216.82.240.*
216.82.241.*
216.82.242.*
216.82.243.*
216.82.244.*
216.82.245.*
216.82.246.*
216.82.247.*
216.82.248.*
216.82.249.*

is my assumption OK ? or I have to type each C range individually.

Lastly, Once I have updated my Greylist.txt file and restarted the service; do I need to update it next day; do the IPs entered in that file have some king of time expiration?

Regards.

   Enrique
Enrique
Back to Top
LogSat View Drop Down
Admin Group
Admin Group
Avatar

Joined: 25 January 2005
Location: United States
Status: Offline
Points: 4104
Post Options Post Options   Thanks (0) Thanks(0)   Quote LogSat Quote  Post ReplyReply Direct Link To This Post Posted: 15 November 2014 at 7:14am
Enrique,

You are correct in the first assumption. This entry:

216.82.253.*~47795.0

will allow the entire Class C range to pass the greylist filter. While that list was not originally intended to be user-modifiable, it does support the use of wildcards. You can also use the "*" to wildcard larger ranges. For example:

216.82.*~47795.0

will allow the whole 216.82.nnn.nnn range to be excluded. You can also use this:

216.82.25*~47795.0

to allow the range:
216.82.250.nnn
216.82.251.nnn
.....
216.82.255.nnn

The use of the "?" to substitute a single character is also supported. For example:

216.82.2?3.*~47795.0

will allow you to exclude the range:

216.82.203.nnn
216.82.213.nnn
216.82.223.nnn
...
216.82.253.nnn


The decimal number after the "~" character indicates the number of days that have passed since 12/30/1899. The fractional part of the value is fraction of a 24 hour day that has elapsed.

SpamFilter will delete from the greylist file any IPs that are listed having a date indicated in the above format which is older than the number of days indicated in the following SpamFilter parameter (60 days by default):
GreyListAllowedHold=60


So in your example, if you have an entry with:
216.82.24*.*~47795.0

The number 47795.0 indicates 47795 days after 12/30/1899, which adds up to Nov 7, 2030. So SpamFilter would delete that line from the GreyListAllowed.txt file 60 days after that day, on Jan 6, 2031. 
So that entry would pretty much be permanent for the next 16 years or so.
Roberto Franceschetti

LogSat Software

Spam Filter ISP
Back to Top
ecarbone View Drop Down
Newbie
Newbie
Avatar

Joined: 11 January 2014
Location: Mexico
Status: Offline
Points: 24
Post Options Post Options   Thanks (0) Thanks(0)   Quote ecarbone Quote  Post ReplyReply Direct Link To This Post Posted: 18 November 2014 at 3:51pm
Thanks for your answer. It has been very helpful.
Enrique
Back to Top
 Post Reply Post Reply
  Share Topic   

Forum Jump Forum Permissions View Drop Down



This page was generated in 0.258 seconds.