Jump to content


  • Posts

  • Joined

  • Last visited

Posts posted by jongrose

  1. Alright, I've been using the greylisting feature for about a week now and it's working very well. However, I would like to make a couple suggestions:

    1) Change the Manage Greylist pages, for both pending and rejected, to have the list sorted by date - preferably received, but at least one or the other because it's hard to manage, especially the rejected page, since the messages don't seem to be in any discernible order from what I can tell. This would make it much easier to organize the list by pages and tell what day you're on and see if you need to approve any emails that were rejected.

    2) One other thing I would like to see for either of the greylist management pages is the subject line of the email if that is possible. I realize that the object is not to download the entire mail to prevent the mail system from consuming resources, but the subject line would be very helpful in determining if the email may or may not be legit in case we don't know the sender, and since the IP address doesn't help very much in this instance either.

    3) I think it would also be very helpful to incorporate a whitelist button within the Horde Inbox console, like there is for the Held Mail console. This way a user can whitelist email addresses permanently that might have gotten stuck in the graylist, and not have to go to the options, SpamCop tools, etc. every time a user needs to add to the list.

    That's all for now. Keep up the great work!

  2. The idea, again, is that when you receive an e-mail it has a "from" address, a "to" address, and the IP address of the server that sent it. We look at see if the combination from/to/IP has ever been seen before...If they mail you again, they will be greylisted again and the process will start over.

    Is the triplet combination saved permanently once it has been resent and bypasses the graylist or is there a time frame when this information expires and has to be passed through the graylist again? Or to put it another way, does the graylist have it's own internal whitelist (separate from a user's personal whitelist) for the triplet information and, if so, does the information in that whitelist ever come off it for whatever reason?

    My second question may have already been answered. In the Graylist pending entries under Options->SpamCop Tools, I see there is a button where you can "Allow Checked Entries". If you select a pending email and hit this button, will the email come directly into your Inbox (or other folder) or will this only allow it to be received once it is resent by the other mail server? I see under Rejected Entries is mentions that the emails listed there are "Unrecoverable".

    To be completely clear on how the graylisting feature works, does SC's SMTP server just check the triplet and send a bounce or does it fully receive the message, then check the triplet and bounce if it isn't recognized? I presume the latter option would be better suited for the users in a case where a legitimate email message were fully rejected, then the user could still view the message.

    2) Those who just want little spam with no input on their side

    For users of this type, the rejected email(s) could be set to automatically be deleted after a set time period in the scenario I mentioned above. If that kind of implementation is possible, I think it would be helpful in making graylisting more suitable for everyone - emails wouldn't be lost (unless they are not checked) and they still wouldn't show up in the mail folders.

    Finally, since graylisting bounces spam messages, would it work in the same vein as MailWasher in that since the email bounced, *some* spammers would automatically purge the address from their list? Or is the bounce message not of the same ilk that would be used to remove an address from a list?

    Graylisting kind of strikes me as similar to the Telezapper or anonymous call blocker for defeating telemarketing calls - it will block out many telemarketers but also stop some legitimate calls from coming through. :P

  • Create New...