[Gllug] spamassassin v bogofilter

Michael Moritz mimo at gn.apc.org
Thu Jun 2 10:47:48 UTC 2005

On Thursday 02 June 2005 10:59, Jason Clifford wrote:
> On Wed, 1 Jun 2005, Michael Moritz wrote:
> > Yes, the optional is very important. I would estimate around 1% of our
> > users actually optet out of greylisting. Also, it's important to warn
> > people before you put it in place and collect greylisting data without
> > any actual greylisting taking place for a while.
> When you state "opt out" do you mean that it is implemented by default and
> it is up to the end user to turn it of? If so that would seem a poor
> policy approach to me.

The approach is to tell users that it's on by default and that you can switch 
it off if needed. It's not a poor policy to me, because users feel inundated 
with spam in general. And the downsides are in real life mostly unnoticeable. 
You have your whitelists for non-RFC servers in place, others do usually 
resend in reasonable intervals. And one thing not do forget is that only the 
first email you ever exchange with someone is delayed. After this one there 
is no delay anymore. Even this is minimised by the gathering of data before 
you put greylisting in place. 

> > The other pointis that ISPs couldnt afford to literally do nothing about
> > spam. The cost would be to high, not talking about the level of user
> > complaints.
> The cost still hits the ISP even with filtering as the bandwidth has
> already been used. Instead of cheap disk space to store the spam until
> it's downloaded by the ISP the ISP that filters implemented expensive
> servers to do the filtering.

This is a misunderstanding. The receiving SMTP server (the one that does the 
greylisting) reads the MAIL FROM, RCPT TO, and client address, then checks 
the greylisting database and issues a 450. This is before the DATA section of 
the SMTP session.

Gllug mailing list  -  Gllug at gllug.org.uk

More information about the GLLUG mailing list