On 2009-03-23, Mikel Lindsaar <raasd...@gmail.com> wrote: > In getting our low traffic email server running, the first thing I > noticed while following the logs that sites like gmail et al will > retry a message from a different host. Sometimes gmail will send > once, try again very soon again from the same host and then queue it, > but the queued email might be sent by a different server.
I sometimes find this a problem when running spamd at low-to-medium volume sites. (I use postgrey instead for those, which only looks at the first 24 bits of the sender's IP address by default). > Has anyone looked at using the message ID in deciding to whitelist a > host? ie, track the hosts by IP address, but if a previously > greylisted host has sent message id 1234 and another host tries to > redeliver 1234 within the passtime requirements, whitelist both? > > Obviously it would be an optional flag, but it seems the likely hood > of some spam bot being able to guess the message id and who has just > sent you a message to bypass this would be low. Far too easily defeated. People would just base the message-id on the HELO/from/to addresses...
