on Thu, Sep 02, 2004 at 11:23:49AM -0400, Steven Champeon wrote:
I think this is a good idea.
Ditto. But please, for the love of god, don't call it a greylist. Call it what it is - an unconfirmed, FP-risky, anything-goes list.
unconfirmed.surbl.org
Greylisting is a completely different concept, and given how much trouble we've already had dealing with people in the antispam community because we insist on referring to "exclusion" of a domain from SURBL as "whitelisting", perhaps now is the time to get the terminology right.
More info on greylisting and a definition:
http://projects.puremagic.com/greylisting/
"The term Greylisting is meant to describe a general method of blocking spam based on the behavior of the sending server, rather than the content of the messages. Greylisting does not refer to any particular implementation of these methods. Consequently, there is no single Greylisting product. Instead, there are many products that incorporate some or all of the methods described here."
In a nutshell, greylisting is a way of refusing mail on the first attempt in order to provoke a legit MTA to resend a little later and a zombie not to try again. It's a neat idea, but not likely to survive the next generation of spam cannons and ends up slowing down your legit mail by unpredictable amounts, all dependent on the condition and config of the sending server.
And for anyone who was confused about my disdain for the use of the term "whitelisting" for "exclusion of a domain from a blacklist", let me clarify that, too. For everyone else in the world, whitelisting is the process by which you say you will always accept mail from an address, host or domain, NOT simply excluding it from a blacklist, which just means it's in the mu state and is neither perfectly good or perfectly evil ;)
http://catb.org/~esr/jargon/html/W/whitelist.html http://searchsecurity.techtarget.com/gDefinition/0,294236,sid14_gci896131,00... http://www.wordspy.com/words/whitelist.asp
etc.