Fighting spam via greylisting

Bruce Dubbs bruce.dubbs at
Sun Apr 8 08:28:06 PDT 2007

Randy McMurchy wrote:
> Jeremy Huntwork wrote these words on 04/07/07 20:40 CST:
>> I tried a Postfix implementation called Postgrey on my own personal
>> server and the results were very good. (See
>> Based on those results it was decided
>> to implement this service on Quantum.
> Who decided?

Jeremy and I discussed it and thought it would be good to try.

> Were things so bad this had to happen? I am against it. I have not
> been receiving significant spam mail to my LFS account. And we only
> had two recent episodes of spam reaching Trac stuff.

You haven't been seeing it because we've been managing it.  This action
was to try to reduce the management workload.

> The reason I'm against it is because of the complications that may
> happen (Jeremy already described, and the solution is to send an
> email to some private address which isn't even listed, you have to
> kind of figure it out and hope you guess the domain name correctly;
> a month from know, is anyone going to have a clue what the hell that
> email addy was?), and Richards statement of "I also may have lost
> some important emails, but I'll never know".
> Oh well, just my two cents. However, as this was decided outside
> the community, by who knows, I don't expect a reply, just wanted
> to chime in.

The systems is supposed to just give a temporary failure.  Standard MTAs
are resigned to retry temporary failures.  Many times spammers use cut
down mailers and don't retry.  That's the theory any way.  The retry
should be transparent to the user.  The standard notification interval
that I've seen is to notify temporary failures after 4 hours and stop
trying after 5 days.  We are only giving a temp failure message for 5

If this causes problems, we'll remove the function.

  -- Bruce

More information about the lfs-dev mailing list