On Saturday, 24 June 2006 02:09 jdow wrote:
> However, doesn't a greylist perform much the same intent - a domain
> that has not been heard from before is held off for a second chance
> in half an hour to an hour.

Yes, but greylisting goes for the from/to/IP triplet.

> "Obviously" new domains would trigger
> the greylist. If the greylisting is done on a per domain basis it
> could be combined with the whois lookup. If the whois lookup did
> not provide age data the message is blocked per greylisting.

But this special greylisting - I would call it greydomaining - would have to delay 5 days - too long for most sender servers.

> If it
> provides age data indicating an old domain it's blocked per
> greylisting. If it indicates a new domain it's blocked with a
> permanent error. (If the whois source is not trustworthy it's also
> blocked with a permanent error.)

It could be good to make it
* if the domain is 0-3 days old, REJECT with a permanent error.
* on 4-5 days, REJECT with a temporary error (greydomaining)
* after 5 days, use normal greylisting

That way it would be a bit smoother. After all, there is a small percentage of new domains being legit, I heard. *g*

Regards, zmi
-- 
// Michael Monnerie, Ing.BSc ----- http://it-management.at
// Tel: 0660/4156531 .network.your.ideas.
// PGP Key: "curl -s http://zmi.at/zmi3.asc | gpg --import"
// Fingerprint: 44A3 C1EC B71E C71A B4C2 9AA6 C818 847C 55CB A4EE
// Keyserver: www.keyserver.net Key-ID: 0x55CBA4EE
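The age-tiered policy proposed in the message above, combined with ordinary from/to/IP triplet greylisting, as an added example that is not part of the original message. The SMTP reply codes (550/451/250), the 30-minute retry window, rounding the age down to whole days, and all names are assumptions; the WHOIS lookup itself is left to the caller.

```python
from dataclasses import dataclass, field

DAY = 86400  # seconds

@dataclass
class GreyPolicy:
    retry_min: int = 1800  # assumed: sender must wait 30 minutes before a retry passes
    seen: dict = field(default_factory=dict)  # triplet -> time of first attempt

    def greylist(self, triplet, now):
        """Normal greylisting: defer the first attempt, accept a late-enough retry."""
        first = self.seen.setdefault(triplet, now)
        if now - first >= self.retry_min:
            return 250, "accepted after greylist delay"
        return 451, "greylisted, try again later"

    def decide(self, sender, rcpt, ip, domain_created, whois_trusted, now):
        """Return (smtp_code, reason) for one delivery attempt.

        domain_created: registration time as a Unix timestamp, or None when
        the WHOIS answer carried no age data.
        whois_trusted: False when the WHOIS source is not considered reliable.
        """
        if not whois_trusted:
            return 550, "whois source not trustworthy"
        triplet = (sender.lower(), rcpt.lower(), ip)
        if domain_created is None:
            # No age data: fall back to plain greylisting.
            return self.greylist(triplet, now)
        age_days = (now - domain_created) // DAY  # assumption: whole days, rounded down
        if age_days <= 3:
            return 550, "sender domain is %d days old" % age_days
        if age_days <= 5:
            # "Greydomaining": temporary error until the domain has aged past 5 days.
            return 451, "sender domain too new, try again later"
        return self.greylist(triplet, now)
```

A legitimate sender on a 4-5 day old domain only gets through if its queue keeps retrying until the domain ages out of the temporary tier, after which the triplet still has to pass the normal greylist delay.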